API & MCP

Drawbridge

On-device PII pseudonymization for AI chat, powered by the Rampart model. Real values never leave your machine.

As of July 2026, Drawbridge has users in the Privacy & Security category.

Usersno change0%
Ratingno change0%
— reviews
Reviewsno change0%
Version
0.1.1
Manifest V3

History

1 snapshots

Tracking since Jul 8, 2026.

Not enough history yet for this metric — the chart fills in as we collect more snapshots.
View as table
DateUsersRatingReviewsVersion
Jul 8, 20260.1.1
Now0.1.1

Permissions & access

Permissions
storageoffscreenscripting
Host access
https://claude.ai/*, https://huggingface.co/*, https://*.huggingface.co/*, https://*.hf.co/*

Screenshots

Drawbridge screenshot 1Drawbridge screenshot 2

About

Drawbridge protects your personal information before it reaches AI chat sites. Powered by the on-device Rampart model, it detects names, addresses, phone numbers, emails, SSNs, credit cards, and more — then replaces them with stable placeholder tokens like [GIVEN_NAME_1] before your message is sent. The AI site only ever sees the placeholder, while Drawbridge restores the real values in replies right on your device.

How it works:
- As you type, detected PII is highlighted in the composer and a chip shows how many items will be protected.
- When you hit send, the real prompt is swapped for a protected version on the wire.
- When the AI replies, placeholder tokens are restored to real values locally before they reach your eyes.

Key features:
- On-device processing: the 14.7 MB Rampart model runs locally in your browser via WebGPU/WASM. No data sent to any external service for detection.
- Fail-closed by default: if the model can't scan a message in time, sending is blocked rather than letting raw text through.
- Supports claude.ai (first surface; architecture is site-agnostic).

Honest limitations:
- Rampart is ~98.4% recall — a strong first line of defense, not a guarantee.
- Text messages only; attachments, file uploads, and pasted images are not scanned.
- Interception covers fetch only (claude.ai uses fetch today).
- Session tables are in-memory only; after a browser restart, historical placeholders may not restore correctly until a new conversation starts.

Permissions:
- Storage: to save your settings locally.
- Scripting: to inject content scripts on supported sites.
- Offscreen: to host the Rampart model in a dedicated execution context.

Technical

Version
0.1.1
Manifest
V3
Size
18.19MiB
Min Chrome
121
Languages
1
Featured
No

Metadata

ID
kkfpdkkoanbhhomoalcfnbcgiccpdebf
Developer ID
u0b30f813140ef384785e93011a30f254
Developer Email
[email protected]
Created
Jul 7, 2026
Last Updated (Store)
Jul 7, 2026
Last Scraped
Jul 8, 2026
Website
Support URL

Data sourced from the Chrome Web Store · last verified Jul 8, 2026.