Keep secrets out of AI.
Catch API keys, tokens and credentials before they reach an AI assistant, in your terminal and your browser. On-device, zero network.
$ npm i -g @sbr0nch/contextia↑ Live secrets found. Hit Redact all to strip them. It all runs in your browser.
One engine. Four surfaces.
The same on-device secret detection, wherever you work with AI.
Terminal & proxy
Scan a diff, or proxy any AI agent (Claude Code, Cursor, Windsurf, aider) so secrets are redacted or blocked before they leave.
$ contextia run -- claudeClaude Code plugin
Blocks a prompt the moment it contains a secret, natively, before it reaches the model.
$ /plugin install contextia@contextiaBrowser extension
Coming soonOn-device secret detection across ChatGPT, Claude, Gemini, Copilot, Perplexity and more, redact, allow or block.
Engine
The same 58-detector engine, embeddable in your own tools.
$ npm i @sbr0nch/contextia-engineProxy and extension can redact; the plugin blocks, because Claude Code hooks can't rewrite a prompt.
Get started
Claude Code plugin
Native block, no proxy. Self-contained, no CLI needed. Add the marketplace, then install.
$ /plugin marketplace add sbr0nch/contextia$ /plugin install contextia@contextiaBrowser
Submitted to the stores. Approval pending.
Run Contextia across your whole org
SentriKat is the security platform where teams manage vulnerabilities, compliance and now AI-DLP. It's the managed home for Contextia — run it from a console instead of device by device.
- Central rollout — push to every browser and machine from one console
- One policy — set allow / redact / block rules once, org-wide
- Audit & compliance — a searchable log of every secret caught
Protected endpoints
Audit trail
- AWS access keyredactedCursor
- GitHub tokenblockedChatGPT
- DB connection stringredactedTerminal