Show HN: Local Privacy Firewall - blocks PII and secrets before ChatGPT sees them
4 days ago
- #AI-safety
- #local-processing
- #privacy
- PrivacyFirewall is a local-first PII and secrets firewall for AI tools like ChatGPT, Claude, and Gemini.
- It blocks risky paste events, warns as you type, and optionally uses a lightweight on-device Transformer model for deeper PII detection.
- No data ever leaves your machine; everything runs locally in your browser or through an optional local API.
- Modern AI tools make it easy to leak sensitive information such as emails, phone numbers, API keys, customer data, IP & MAC addresses, internal logs, and regulated personal information (PII/PHI).
- PrivacyFirewall adds a zero-trust privacy shield before your text reaches third-party AI systems.
- Features include human-in-the-loop protection, 100% local processing, practical protection (regex + optional transformer NER), friendly UX, and being open-source and auditable.
- Lite Mode runs instantly in the extension with regex-only detection, while AI Mode uses a local FastAPI agent + transformer model for deeper detection.
- Installation involves cloning the repo, setting up a Python environment, and running the FastAPI service.
- The extension can be loaded in Chrome/Chromium/Edge by enabling Developer mode and selecting the 'src/extension/' directory.
- PrivacyFirewall detects various sensitive data patterns including email addresses, phone numbers, credit card candidates, AWS access keys, and more.
- AI Mode is powered by dslim/bert-base-NER and can identify entities like PERSON, ORGANIZATION, and LOCATION.
- Future plans include extension settings UI, per-site allow/deny lists, secret-type redaction, and packaging the engine as a binary or desktop app.
- Troubleshooting tips include ensuring the Python engine is running, confirming port 8765 is free, and checking AI Mode is enabled.
- PRs and issues are welcome, with guidelines on what to include in reports.
- PrivacyFirewall ensures no prompts or text leave your machine, with no analytics, telemetry, or external logging.
- The project is MIT licensed.
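
A minimal sketch of the regex-only detection that Lite Mode is described as doing. It is an added example, not PrivacyFirewall's own code. The patterns, the Luhn check used to confirm credit card candidates, and the names `DETECTORS`, `scanText`, `redact` and `SAMPLE` are assumptions.

```javascript
// Added illustration: patterns and names are assumptions, not the project's rules.
const DETECTORS = [
  { type: "email", re: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b/g },
  // AWS access key IDs: AKIA (long-term) or ASIA (temporary) plus 16 characters.
  { type: "aws_access_key", re: /\b(?:AKIA|ASIA)[A-Z0-9]{16}\b/g },
  { type: "ipv4", re: /\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b/g },
  { type: "mac", re: /\b(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}\b/g },
  // 13-19 digits with optional single space/dash separators, confirmed by Luhn.
  { type: "credit_card", re: /\b\d(?:[ -]?\d){12,18}\b/g, validate: luhnValid },
];

// Luhn checksum: filters out order numbers and other long digit runs.
function luhnValid(candidate) {
  const digits = candidate.replace(/\D/g, "");
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// Returns findings as offsets only, so the matched secret is never copied around.
function scanText(text) {
  const findings = [];
  for (const { type, re, validate } of DETECTORS) {
    for (const m of text.matchAll(re)) {
      if (validate && !validate(m[0])) continue;
      findings.push({ type, start: m.index, end: m.index + m[0].length });
    }
  }
  return findings.sort((a, b) => a.start - b.start);
}

// Replaces each finding with a type placeholder, skipping overlapping matches.
function redact(text) {
  let out = "", pos = 0;
  for (const f of scanText(text)) {
    if (f.start < pos) continue;
    out += text.slice(pos, f.start) + `[${f.type.toUpperCase()}]`;
    pos = f.end;
  }
  return out + text.slice(pos);
}

// Constructed sample input (the key is the example value from AWS documentation).
const SAMPLE = "Ask jane.doe@example.com (10.0.0.12, 00:1A:2B:3C:4D:5E) to rotate AKIAIOSFODNN7EXAMPLE; card 4111 1111 1111 1111, order 1234567890123456";
console.log(redact(SAMPLE));
```

The 16-digit order number in the sample is left alone because it fails the Luhn check, which shows how a validation step cuts false positives that a bare digit pattern would raise.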