SMP - Secure Messages Plugin

About

SMP — Secure Message Plugin

Accidentally sending an API key, password, or private token in messengers or emails can cause a serious security incident. SMP catches it before the message leaves your keyboard.

How it works?
SMP runs silently in the background while you type in your favourite messaging apps. The moment it detects a secret in your message, it replaces it with a short, end-to-end encrypted secure-notes link — so the recipient can open it securely, and it expires automatically. It comes with built-in support for the most popular services and business email.

What it detects?
1. API keys & tokens (AWS, GitHub, Stripe, Google, and dozens more)
2. Passwords & credentials
3. Private keys & certificates
4. High-entropy strings that look like secrets
5. Custom patterns you define yourself

Key features:
- Auto-replace mode — secrets are swapped out instantly, no clicks needed
- Statistical entropy detection — catches tokens that don't match known patterns
- Configurable sensitivity (Low / Medium / High)
- Adjustable link expiry (TTL)
- Works entirely in your browser — no data leaves without your action
- Open options page to enable/disable individual detection patterns

Privacy
SMP does not log, store, or transmit your messages. Detection happens locally in your browser. Only the secret content itself is encrypted and sent to secure-notes Instance when a replacement link is created.