<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Sberlerch</title>
    <description>The latest articles on DEV Community by Sberlerch (@sberlerch).</description>
    <link>https://dev.to/sberlerch</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F4010713%2Fbefa7590-6e70-465c-af49-3c0bb3ee2489.png</url>
      <title>DEV Community: Sberlerch</title>
      <link>https://dev.to/sberlerch</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/sberlerch"/>
    <language>en</language>
    <item>
      <title>Why I built Contextia: stopping secrets before they reach AI chats</title>
      <dc:creator>Sberlerch</dc:creator>
      <pubDate>Wed, 01 Jul 2026 09:55:32 +0000</pubDate>
      <link>https://dev.to/sberlerch/why-i-built-contextia-stopping-secrets-before-they-reach-ai-chats-11ol</link>
      <guid>https://dev.to/sberlerch/why-i-built-contextia-stopping-secrets-before-they-reach-ai-chats-11ol</guid>
      <description>&lt;p&gt;I almost pasted a production &lt;code&gt;.env&lt;/code&gt; into ChatGPT. Twice. That's the whole origin story.&lt;/p&gt;

&lt;p&gt;We paste code, logs and configs into AI chats all day, and those blobs are full of&lt;br&gt;
live API keys, tokens, private keys and connection strings. Existing tools —&lt;br&gt;
gitleaks, trufflehog — are great, but they scan &lt;em&gt;repositories and CI pipelines&lt;/em&gt;.&lt;br&gt;
None of them sit at the exact moment the leak happens: the chat composer.&lt;/p&gt;

&lt;p&gt;So I built &lt;strong&gt;Contextia&lt;/strong&gt;: a local, on-device guard that flags secrets before they&lt;br&gt;
leave your machine.&lt;/p&gt;

&lt;h2&gt;The design constraints I refused to bend&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Zero network requests.&lt;/strong&gt; No accounts, no servers, no telemetry. There's a unit
test that scans the source and &lt;em&gt;fails the build&lt;/em&gt; if any &lt;code&gt;fetch&lt;/code&gt;/XHR/WebSocket
appears. For a privacy tool, "trust me" isn't enough — it has to be structurally
impossible.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;The log never stores the secret.&lt;/strong&gt; A detection record is &lt;code&gt;{ timestamp, site,
type, severity, action }&lt;/code&gt; — never the matched value.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;One deterministic, DOM-free engine.&lt;/strong&gt; &lt;code&gt;detect(text) -&amp;gt; Finding[]&lt;/code&gt; is a pure
function with no browser or network dependency, so every surface reuses the same
logic and it's trivial to test.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;One engine, four surfaces&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Browser extension&lt;/strong&gt; — scans the composer on ChatGPT, Claude, Gemini, Copilot,
Perplexity, DeepSeek. Modes: warn, auto-redact, block.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Terminal AI-DLP proxy&lt;/strong&gt; — &lt;code&gt;contextia run -- &amp;lt;your agent&amp;gt;&lt;/code&gt; wraps a CLI agent and
redacts or blocks secrets in requests to Anthropic/OpenAI before they leave. It can
even do reversible tokenization: the model gets a placeholder, and the real value is
restored in the response.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Claude Code plugin&lt;/strong&gt; — blocks a prompt that contains a secret.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;The engine&lt;/strong&gt; — an MIT npm package you can drop into your own tools.&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;Coverage&lt;/h2&gt;

&lt;p&gt;58 detectors today (AWS, GitHub, Stripe, OpenAI, Figma, Atlassian, Tailscale, PEM&lt;br&gt;
keys, &lt;code&gt;.env&lt;/code&gt;, DB strings, JWTs, credit cards, IBANs…), each guarded by an automatic&lt;br&gt;
false-positive gate: a new rule can't ship unless its fixtures hold. You can also add&lt;br&gt;
your own values and regex patterns to always redact.&lt;/p&gt;

&lt;h2&gt;Try it&lt;/h2&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;npx @sbr0nch/contextia scan .env
contextia run -- claude   # guard your agent with one command
&lt;/code&gt;&lt;/pre&gt;
&lt;/div&gt;

</description>
      <category>security</category>
      <category>opensource</category>
      <category>ai</category>
      <category>webdev</category>
    </item>
  </channel>
</rss>
