We believe in transparency. Here's exactly what we detect, where we detect it, and what we don't.

| Browser | Protection | Detection engine | Injection timing |
|---|---|---|---|
| Chrome | Full | 22-pattern detector + 18-moat egress gate | document_start (earliest possible) |
| Edge | Full | 22-pattern detector + 18-moat egress gate | document_start (earliest possible) |
| Opera | Full | 22-pattern detector + 18-moat egress gate | document_end |
| Firefox | Full | 22-pattern detector + 18-moat egress gate | document_start |
| Safari | Full | 22-pattern detector + 18-moat egress gate | document_start |
| Brave | Strong | Same as Chrome (Chromium-based) | document_start |
| Arc | Strong | Same as Chrome (Chromium-based) | document_start |

All browsers run the same detector.js engine locally. No data ever leaves your device.
Kasbah monitors data sent to these platforms. If you paste or upload sensitive content, we catch it before it reaches the AI.
New platforms are added with each release. The Chrome extension also protects on all websites, not just AI platforms.
22 pattern categories, 100+ language variants, 12 layers of defense. All running locally in your browser.
Passports, national IDs, driver's licenses, birth certificates — 18 languages
Credit cards (Luhn-validated), bank accounts, IBANs, wire transfers, invoices
Patient records, prescriptions, psychiatric notes, insurance claims — 12 languages
SSNs, tax IDs, W-2s, 1040s, 1099s, NIF, SIRET — 12 languages
GitHub PATs, AWS keys, OpenAI keys, bearer tokens, .env secrets, connection strings
BTC/ETH private keys, wallet addresses (legacy + Bech32), seed phrases, PEM keys
Auto, health, life, home, and property insurance policies and claims
SQL injection, shell commands, prompt injection — catches code exfiltration
Contact lists (5+ emails), database connection strings with credentials
English, French, Spanish, Portuguese, German, Italian, Dutch, Polish, Arabic, Chinese, Russian, Japanese, Korean, Greek, Turkish
All of the above plus: Moroccan Arabic, CIN/CNIE, IBAN/SWIFT variants, local tax forms (DNI, NIF, SIRET, CIF)
Attackers try to evade detection. Here's what we handle:
L33t speak (p@$$w0rd), Unicode homoglyphs (Cyrillic а vs Latin a), Zalgo text, zero-width characters, fullwidth Unicode, smart quotes, exotic whitespace, base64 encoded content, multi-line splitting
ROT13 encoding, character-by-character drip (one letter per message), image-embedded text (screenshots of documents), audio-to-text transcriptions
No security tool is perfect. Here's where our current limits are:
We'd rather tell you what we can't do than pretend we catch everything. Every version improves detection. If you find something we miss, let us know — it makes everyone safer.
1. You type or paste — Content enters a text field on any supported AI platform.
2. Egress gate intercepts — Before the browser sends data, our 18-moat gate catches it (fetch, XHR, WebSocket, form submit, beacon, clipboard).
3. Local classification — detector.js runs 22 regex patterns against the text. All processing happens in your browser. Zero network calls.
4. Risk scoring — Each match adds to a risk score. Multi-pattern matches escalate severity.
5. Three-tier response
   - Silent (risk < 30) — Safe content passes. No interruption.
   - Warning (risk 30–70) — Inline toast notification. You decide.
   - Block (risk > 70) — Modal dialog. Clear explanation of what was detected.
6. You choose — Even on blocks, you can override. We inform, you decide.
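
The classification and scoring steps above, sketched as an added example (this is not Kasbah's detector.js): it normalizes three of the evasions listed earlier, Luhn-checks card candidates, and maps the summed score onto the three tiers. The three patterns, their weights, the homoglyph subset and all function names are assumptions for illustration.

```javascript
// Added illustration, not Kasbah's detector.js. Patterns and weights are assumed.
const ZERO_WIDTH = /[\u200B-\u200D\u2060\uFEFF]/g;
// Cyrillic look-alikes mapped to Latin (small constructed subset).
const HOMOGLYPHS = { "\u0430": "a", "\u0435": "e", "\u043E": "o",
                     "\u0440": "p", "\u0441": "c", "\u0445": "x" };

// Undo evasions a plain regex would miss: fullwidth forms (via NFKC),
// zero-width characters, and the look-alikes above.
function normalize(text) {
  return text.normalize("NFKC").replace(ZERO_WIDTH, "")
    .replace(/[\u0430\u0435\u043E\u0440\u0441\u0445]/g, (ch) => HOMOGLYPHS[ch]);
}

// Luhn checksum: rejects digit runs that only look like card numbers.
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return digits.length >= 13 && sum % 10 === 0;
}

// One entry per category; validate() filters regex false positives.
const PATTERNS = [
  { name: "credit_card", weight: 50, re: /\b(?:\d[ -]?){13,19}\b/g,
    validate: (m) => luhnValid(m.replace(/\D/g, "")) },
  { name: "aws_access_key", weight: 50, re: /\bAKIA[0-9A-Z]{16}\b/g },
  { name: "password_assignment", weight: 25, re: /\bpassword\s*[:=]\s*\S+/gi },
];

// Sum the weights of matched categories (capped at 100), then apply the
// page's thresholds: < 30 silent, 30-70 warning, > 70 block.
function classify(text) {
  const clean = normalize(text);
  const hits = PATTERNS.filter((p) =>
    (clean.match(p.re) || []).some((m) => !p.validate || p.validate(m)));
  const risk = Math.min(100, hits.reduce((sum, p) => sum + p.weight, 0));
  const tier = risk > 70 ? "block" : risk >= 30 ? "warning" : "silent";
  return { risk, tier, categories: hits.map((p) => p.name) };
}

// Constructed sample: zero-width-split test card plus a homoglyph "password".
console.log(classify("4111\u200B1111\u200B1111\u200B1111 p\u0430ssword=hunter2"));
```

A card number alone lands in the warning tier here; the same card next to a password assignment crosses into block, which is the multi-pattern escalation described in step 4.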