DEV Community

Cover image for I Built a Privacy Scrubber So My Prompts Stop Leaking Data to AI Models
Poorvith M P
Poorvith M P

Posted on

I Built a Privacy Scrubber So My Prompts Stop Leaking Data to AI Models

I Built a Privacy Scrubber So My Prompts Stop Leaking Data to AI Models

Tags: #privacy #javascript #webdev #buildinpublic


Every prompt you send to an AI model is a potential data breach waiting to happen. That sentence sounds dramatic until you've actually watched someone paste a client NDA into ChatGPT to "just summarize the key terms real quick." Names, deal values, jurisdiction clauses, signatures — all of it, sitting on a third-party server the moment you hit enter. Nobody meant any harm. That's exactly the problem: the leak isn't malicious, it's just convenient.

I kept seeing this pattern everywhere — in my own workflow, in coworkers' Slack messages ("hey can you check this contract with GPT"), in random Twitter threads. So I built something to stop it before it happens, and I want to walk through why and how.

The problem, in three parts

  • Corporate IP leakage. Internal docs, proprietary code, product roadmaps — the moment they're pasted into a prompt, you've lost control of where that text lives and who (or what) gets trained on it.
  • Regulatory risk. Paste patient notes into a chatbot and you've potentially violated HIPAA. Paste a client's legal filing and you're in murkier territory with privilege and confidentiality obligations. Most people don't even realize they've crossed a line until it's already crossed.
  • Plain old data leakage. Emails, phone numbers, addresses, ID numbers — PII sitting in plaintext, sent to a server outside your control, with no undo button.

The solution: scrub before you send, not after

The core idea is simple: nothing sensitive should ever leave your browser. So the whole thing runs client-side, no exceptions. The flow looks like this:

[ Paste your prompt ]
        |
        v
[ Regex-based PII scan ]   <-- runs entirely in-browser
        |
        v
[ Placeholder replacement ]  e.g. "John Smith" -> "[PERSON_1]"
        |
        v
[ Scrubbed prompt ready to send to any AI model ]
        |
        v
[ Vault export ]  <-- encrypted mapping saved locally,
                       so you can restore real values later
Enter fullscreen mode Exit fullscreen mode

You paste your text, the scanner flags anything that looks like a name, email, phone number, ID, or address, and swaps it for a neutral placeholder. You get a clean prompt to send wherever you want, and a local "vault" file that holds the placeholder-to-real-value mapping — so if the AI's response references "[PERSON_1]," you can decrypt and restore it back to the real name afterward, entirely on your machine.

What's under the hood

Nothing fancy, and that's deliberate. It's vanilla JavaScript — no framework, no build step, no bundler to fight with. That keeps the whole thing auditable: you can open the source file and read every line of what's touching your data, instead of trusting a black box. For exports, it uses jsPDF to generate a clean scrubbed-prompt PDF, and localStorage handles session recovery so you don't lose your work if you accidentally close the tab mid-scrub.

What's next

Regex gets you far, but it has ceilings — it'll miss context-dependent PII and occasionally flags things it shouldn't. Next up is NER-based detection (named entity recognition) to catch more nuanced cases without turning this into a server-side tool that defeats the entire point. After that: a browser extension so scrubbing happens inline wherever you're typing, and eventually a lightweight API for teams that want this baked into their internal tooling without every employee needing to remember to run it manually.

Try it

The app is live, the code is open, and I'd genuinely rather hear "this missed X" than have people quietly stop trusting it. Link to the live app and the GitHub repo are below — open an issue if something breaks or if there's a PII pattern I haven't accounted for.

[Live app link https://aiscrubber.vercel.app/] · [GitHub repo link https://github.com/prvthmpcypher/aiscrubber]

Top comments (0)