Most Chrome extensions that call external APIs route requests through the developer's backend. You're asking users to trust that their queries — what they're reading, what they don't understand — don't get logged or sold. That's a promise made in a privacy policy, not enforced by architecture.
I built rabbitholes to highlight any text and get an inline explanation without opening a new tab. The usage pattern is ambient: you're mid-article, you highlight a phrase you half-know, an explanation pops up next to your cursor in a shadow-DOM tooltip. Then you click a word in the explanation to go deeper, or hit the rabbit-hole counter to see how many hops you've taken. That pattern produces a granular record of what you read and what confused you. I didn't want that record to exist on my end.
So the architecture skips the intermediary entirely. Requests go directly from your browser to api.anthropic.com (for explanations via Claude Haiku 4.5) and api.search.brave.com (for the globe-icon web-enriched mode, which appends Brave Search results and source chips). Your API keys live in chrome.storage.sync — Chrome encrypts them and syncs them to your account; they never hit a server I control because there is no server I control.
// Full outbound call — no proxy layer
const res = await fetch('https://api.anthropic.com/v1/messages', {
method: 'POST',
headers: {
'x-api-key': userKey, // retrieved from chrome.storage.sync
'anthropic-version': '2023-06-01',
'content-type': 'application/json',
},
body: JSON.stringify(payload),
});
Manifest V3 host_permissions are scoped to exactly those two domains. No analytics SDK, no Sentry, no telemetry pipeline. Zero.
The cost of this design: you need your own API keys. For personal reading use, Claude Haiku 4.5 runs cheap enough that it's a rounding error. Brave Search has a free tier that covers light use.
The benefit: your reading habits stay yours. What you looked up, what confused you, how far down a rabbit hole you went — none of that transits my infrastructure, because there isn't any.
Top comments (0)