Browser extensions that proxy LLM calls through their own backend are making a quiet tradeoff on your behalf: every highlight, every page URL, every query goes through their logs. Maybe they anonymize it. You can't audit that.
rabbitholes doesn't have a backend. The constraint wasn't a performance optimization — it was the point. I read things I wouldn't want logged somewhere: drafts I'm researching, medical questions, legal concepts I'm unpacking. I built the extension for myself and wanted to be able to trust it.
The architecture is flat. You highlight text on any page, the extension calls api.anthropic.com directly from your browser using your own API key. Web-enriched answers call api.search.brave.com directly. Both are Manifest V3 fetch calls with no relay. Your key is stored in chrome.storage.sync — Chrome encrypts it, it never leaves the browser, I never see it.
// Direct from browser to Anthropic — no intermediary
const res = await fetch('https://api.anthropic.com/v1/messages', {
method: 'POST',
headers: {
'x-api-key': userApiKey,
'anthropic-version': '2023-06-01',
'content-type': 'application/json',
},
body: JSON.stringify({
model: 'claude-haiku-4-5',
max_tokens: 1024,
messages: [{ role: 'user', content: prompt }],
}),
});
The visible tradeoff: you need to supply an API key. A proxied extension can hide that step. I think the exchange is worth it — a one-time setup vs. a permanent data relationship with a server you don't control.
The rest of the extension is built around staying in place. Explanations render in a shadow DOM tooltip so they don't bleed into the host page's styles. You can click any word in the explanation to go deeper, or drag to select a phrase. Every answer ends with two suggested rabbit-hole topics. A hop counter tracks depth; hit a long enough chain and you get a shareable trail.
No analytics, no telemetry, no pings to any server I run, because I don't run one.
github.com/robertnowell/rabbitholes
Top comments (0)