Sonomos browser extension — overview
The Sonomos browser extension catches sensitive data before AI does — locally, with zero data exfiltration. It’s the right product to install if your AI usage happens inside a web browser (Claude.ai, Gemini, Grok, ChatGPT, and others). If you also use Claude Code in your terminal, pair it with Canary. If you use native AI desktop apps or IDE assistants, those are coming to Sonomos Desktop.
The problem
Every time you paste text into ChatGPT, Claude, Gemini, or Grok, you risk exposing personally identifiable information (PII): names, emails, phone numbers, Social Security numbers, medical record numbers, financial identifiers, and more.
For professionals in regulated industries this is a compliance violation waiting to happen — and a hard one to monitor, because the data leaves through ordinary copy-and-paste, not through a system anyone is logging.
How Sonomos solves it
Sonomos runs entirely inside your browser. It uses a layered approach to identify PII in real time:
- Pattern analysis — fast, deterministic matchers for structured PII (SSNs, credit cards, MRNs, IBANs) with built-in validators where applicable.
- On-device AI — small language models that run locally to catch unstructured PII (names, organizations, contextual identifiers) that pure pattern matching would miss.
- Interception, not monitoring — when Cloak is enabled, Sonomos replaces PII in outgoing prompts before the AI platform ever sees them, instead of just warning you after the fact.
Nothing ever leaves your machine. There is no Sonomos cloud that sees your prompts, your detections, or your content.
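To make the "pattern analysis" and "interception" layers concrete, here is an added example in the browser's own language (JavaScript). It is not Sonomos's code; the detector names, the `[TYPE_REDACTED]` placeholder and the sample prompt are assumptions, but the validators (Luhn for cards, ISO 13616 mod-97 for IBANs, issuance rules for US SSNs) are the standard checks a matcher uses to throw away look-alike numbers before anything is redacted.

```javascript
// Added illustration, not Sonomos's own code: a minimal "pattern analysis" layer (matchers plus
// validators) feeding a Cloak-style redaction. Detector names and [TYPE_REDACTED] are assumptions.

// Luhn checksum: rejects typos and most random digit runs that merely look like card numbers.
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = Number(digits[digits.length - 1 - i]);
    if (i % 2 === 1 && (d *= 2) > 9) d -= 9; // double every second digit from the right
    sum += d;
  }
  return digits.length >= 13 && sum % 10 === 0;
}
// IBAN mod-97 (ISO 13616): rotate the first four chars to the end, map A-Z to 10..35, remainder must be 1.
function ibanValid(iban) {
  const s = iban.replace(/\s+/g, '').toUpperCase();
  if (!/^[A-Z]{2}\d{2}[A-Z0-9]{11,30}$/.test(s)) return false;
  let rem = 0;
  for (const ch of s.slice(4) + s.slice(0, 4)) {
    const v = ch >= 'A' ? String(ch.charCodeAt(0) - 55) : ch; // 'A' -> "10", 'B' -> "11", ...
    for (const digit of v) rem = (rem * 10 + Number(digit)) % 97;
  }
  return rem === 1;
}
// US SSN structure: area 000/666/900-999, group 00 and serial 0000 are never issued.
function ssnValid(ssn) {
  const [area, group, serial] = ssn.split('-');
  return !['000', '666'].includes(area) && area < '900' && group !== '00' && serial !== '0000';
}
// IBAN runs first so its digit groups are never mistaken for a card number.
const DETECTORS = [
  { type: 'IBAN', re: /\b[A-Z]{2}\d{2}(?:\s?[A-Z0-9]{4}){2,7}(?:\s?[A-Z0-9]{1,4})?\b/g, valid: ibanValid },
  { type: 'SSN', re: /\b\d{3}-\d{2}-\d{4}\b/g, valid: ssnValid },
  { type: 'CREDIT_CARD', re: /\b(?:\d[ -]?){12,18}\d\b/g, valid: m => luhnValid(m.replace(/[ -]/g, '')) },
];
// Cloak-style interception: rewrite the prompt before submission; report only types and lengths, never values.
function cloak(prompt) {
  const detections = [];
  let text = prompt;
  for (const d of DETECTORS) {
    text = text.replace(d.re, m => {
      if (!d.valid(m)) return m; // validator rejects the hit: leave it untouched
      detections.push({ type: d.type, length: m.length });
      return `[${d.type}_REDACTED]`;
    });
  }
  return { text, detections };
}
// Constructed sample prompt; the trailing order number fails Luhn and is deliberately left alone.
const SAMPLE_PROMPT = 'Patient SSN 123-45-6789, card 4111 1111 1111 1111, IBAN GB82 WEST 1234 5698 7654 32, order 0000 0000 0000 0001.';
```

Calling `cloak(SAMPLE_PROMPT)` redacts the SSN, the card and the IBAN but leaves the order number, which is the difference between a matcher with validators and a bare regex.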
The three core pieces
| Piece | Role |
|---|---|
| Dagger | The detection engine. 62+ detector categories combining pattern analysis and AI. |
| Cloak | The masking engine. Intercepts outgoing prompts and redacts PII before it’s sent. |
| Risk widget | A floating traffic-light indicator (red / amber / green) showing real-time page risk. |
When Cloak doesn’t have native support for a site, Send Guard kicks in as a fallback — a banner or blocking modal that warns you before you submit text containing PII.
Who it’s for
Sonomos is built for compliance-conscious professionals and teams in regulated industries:
- Healthcare — HIPAA-covered entities and business associates handling PHI
- Legal — firms processing privileged or work-product client information
- Financial services — institutions subject to PCI-DSS, SOX, GLBA
- HR & people ops — teams managing employee PII, hiring data, and benefits
It’s also useful for anyone who simply doesn’t want their personal information ending up in someone else’s training pipeline.
Local-first, by design
Unlike cloud-based DLP tools, Sonomos processes everything on-device. All detection and masking happens inside your browser — no data is sent to external servers for analysis.
This matters because:
- You don’t have to trust a vendor with the very data you’re trying to protect.
- There’s no new endpoint to add to your network egress allowlist.
- It works the same whether you’re on the corporate network or a hotel Wi-Fi.
The only network traffic Sonomos makes is for account authentication and subscription billing. See the Permissions Reference for the full data-handling table.
What it doesn’t do (yet)
Being clear about scope is part of the prototype:
- Browser-only — it can’t see what you type into Claude Desktop, ChatGPT Desktop, Cursor, Slack, or any other native app. That’s Sonomos Desktop’s job.
- Mobile is unsupported — browser extensions are too constrained on mobile. The desktop app will start with macOS and Windows.
- Not a complete compliance program — Sonomos is a technical safeguard. You still need administrative and physical safeguards, training, and BAAs (business associate agreements).
Already coding with AI? Try Canary today
If you use Claude Code, there’s a piece of Sonomos you can install right now: Canary, an open-source PII counter that watches every Claude Code session and keeps a redacted, persistent count of what you’ve shared. Two commands to install, no account, no network calls.
Ready to try it?
- Install Sonomos — about 60 seconds.
- Run through the Quickstart — about 2 minutes.
- Skim the HIPAA guide if you’re in healthcare.