Most browser extensions that call an AI API route your request through the developer's backend. That's the obvious architecture: you ship an extension, you control the API key, you log requests, you see what your users are doing. The extension itself becomes a thin client for your server.
I built rabbitholes differently, and it's worth explaining the specific constraint I chose and why.
Every request — highlight to explanation, word click to follow-up, globe icon to web-enriched answer — goes directly from your browser to api.anthropic.com or api.search.brave.com. There is no intermediary server. I don't have one. Your Anthropic API key lives in chrome.storage.sync, which is encrypted by Chrome and scoped to your profile. It never transits any infrastructure I own.
The practical consequence: I have zero visibility into what you look up. If you're reading a medical article and highlight something sensitive, or you're researching something you'd rather not have logged, rabbitholes can't phone that home — not because I pinky-promise not to log it, but because the request never touches anything I control.
The tradeoff is real. I can't offer a free tier. You need your own Anthropic API key to use it. For a consumer tool, that's meaningful friction. But for anyone who reads widely and doesn't want their reading history sitting on a third-party server, it's the right call.
The shadow DOM tooltip handles the other privacy surface: the extension renders inline without polluting or reading the host page's DOM beyond the selection you made.
Code is Manifest V3. The full implementation is at https://github.com/robertnowell/rabbitholes if you want to audit what actually runs.
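To make the "no intermediary server" architecture concrete, here is an added example (not code from the rabbitholes repository) of the two pieces an auditor would look for in an MV3 extension like the one described above: the request that goes straight from the browser to api.anthropic.com using a key read from chrome.storage.sync, and a check that the manifest's host_permissions name only the two API origins the post mentions. The function names, the storage key `anthropicApiKey`, and the default model string are assumptions; the request shape and headers are those of Anthropic's Messages API.

```javascript
// Added example, not the rabbitholes source. Shows a direct browser-to-API
// call with a user-supplied key and an audit helper for host_permissions.

const ANTHROPIC_URL = "https://api.anthropic.com/v1/messages";

// An extension that promises "no intermediary server" should need no other origins.
const EXPECTED_ORIGINS = [
  "https://api.anthropic.com/*",
  "https://api.search.brave.com/*",
];

// Build the request without sending it, so it can be inspected and tested.
// The default model string is an assumption; pick whichever model you use.
function buildExplainRequest(apiKey, selectedText, model = "claude-3-5-haiku-latest") {
  if (typeof apiKey !== "string" || apiKey.length === 0) {
    throw new Error("no API key configured");
  }
  return {
    url: ANTHROPIC_URL,
    init: {
      method: "POST",
      headers: {
        "content-type": "application/json",
        "x-api-key": apiKey,
        "anthropic-version": "2023-06-01",
        // Opt-in header Anthropic requires for CORS requests made from a browser.
        "anthropic-dangerous-direct-browser-access": "true",
      },
      body: JSON.stringify({
        model,
        max_tokens: 512,
        messages: [{ role: "user", content: `Explain briefly: ${selectedText}` }],
      }),
    },
  };
}

// Audit helper: returns any host_permissions entry that is not one of the
// expected API origins. A non-empty result means traffic could go elsewhere.
function unexpectedHostPermissions(manifest) {
  const perms = Array.isArray(manifest.host_permissions) ? manifest.host_permissions : [];
  return perms.filter((p) => !EXPECTED_ORIGINS.includes(p));
}

// Read the key from chrome.storage.sync. Only works inside the extension;
// "anthropicApiKey" is an assumed storage key name.
function loadApiKey() {
  return new Promise((resolve) => {
    chrome.storage.sync.get("anthropicApiKey", (items) => {
      resolve(items.anthropicApiKey || "");
    });
  });
}

// End-to-end call from a service worker or content script: no server of ours
// is involved, the browser talks to api.anthropic.com directly.
async function explainSelection(selectedText) {
  const { url, init } = buildExplainRequest(await loadApiKey(), selectedText);
  const res = await fetch(url, init);
  if (!res.ok) throw new Error(`anthropic responded ${res.status}`);
  const data = await res.json();
  return data.content.map((block) => block.text || "").join("");
}
```

`unexpectedHostPermissions` is the quick check to run against the published manifest.json: if it returns anything beyond the two API origins, the extension has a path to send selections somewhere other than the APIs it claims to use.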