InjectGuard

About

Protect your AI‑assisted browsing from hidden prompt‑injection.

InjectGuard scans webpages for text that’s visually hidden but designed to influence AI tools (e.g., “ignore previous instructions”, “override prior prompt”). It highlights suspicious hidden content so you can read with confidence.

Key features
- Automatic scanning on page load and on demand
- Detects many hiding techniques: display:none, visibility:hidden, opacity:0, color matching, tiny fonts, off‑screen positioning, zero‑area elements, clipping, z‑index layering
- Suspicious phrase detection for common prompt‑injection patterns
- Clear severity ratings and easy‑to‑read results in the popup
- Monitors dynamically loaded content
- Privacy‑first: all analysis runs locally in your browser

How it works
- Analyzes the DOM to find content hidden from normal view
- Checks hidden text against known prompt‑injection patterns
- Shows a badge and detailed popup with findings and severity

How to use
1) Install the extension
2) Visit any webpage you want to check
3) Click the InjectGuard icon to view scan results and details

Permissions explained
- activeTab: scan the current tab when you open the extension
- tabs: read tab metadata (e.g., URL) and update the badge
- storage: save your local preferences and settings
- scripting: inject the scanning logic into the current page context

Privacy
- No data collected or shared
- No external servers; all processing happens on‑device

Open source & support
- Code, issues, and roadmap: [GitHub repository](https://github.com/Yae-Tools/inject-guard)
- License: MIT

Limitations
InjectGuard flags suspicious patterns, but no tool can guarantee detection of every technique. Use findings as an assistive signal alongside your judgment.