Security●●Solid
Prompt Guard–MitM proxy that blocks secrets before they reach AI APIs
MITM proxy catches leaked secrets before they hit AI APIs — better than post-hoc scanning.
Solve My ProblemNiche Gem
chaudharydeepak
352mo ago
Back to browse
Kasbah Guard – Free browser extension that catches secrets on GenAI
by AdnaneA·Mar 4, 2026·1 point·0 comments
AI Analysis
●●●BangerSolve My ProblemWizardry
ML-based secret detection stops real leaks before ChatGPT sees them; better accuracy than regex tools.
Strengths
- •Naive Bayes classifier with entropy, bigram, and context features beats regex-based detection (Snyk catches ~30 types; Kasbah catches 50+)
- •100% local processing with zero server calls is genuine privacy win and enables sub-10ms latency
- •Covers rare formats (government IDs in 9 languages, prompt injection) most tools ignore; 91% accuracy with test suite
Weaknesses
- •Browser extension scope limits effectiveness to direct pastes; can't intercept API calls from terminal or IDE
- •Depends on user vigilance to honor blocks; skilled users can bypass
Category
Target Audience
Developers and teams using GenAI tools (ChatGPT, Claude) who risk leaking credentials and sensitive data
Similar To
Snyk · git-secrets · TruffleHog
Post Description
Show HN: Kasbah Guard – Free browser extension that catches API keys before you leak them
We just launched Kasbah Guard, a free browser extension that detects and blocks 50+ secret formats (API keys, tokens, credentials, AWS keys, GitHub PATs, etc.) using ML entropy scoring + context filtering.
It runs 100% locally in your browser (no server calls, no data collection). We built this because existing tools (like Snyk) only catch ~30 secret types, and regex-based detection has too many false positives.
Key innovation: Naive Bayes multi-feature classifier that analyzes Shannon entropy, character transitions, bigram frequency, and context to distinguish real secrets from test fixtures and docstrings.
Live on Chrome, Firefox, Edge, Opera, Safari. All 5 browsers use identical detector.js (263+ tests passing).
Happy to answer questions about the ML model, false positive suppression, or why we built this.
https://bekasbah.com https://chrome.google.com/webstore/detail/kasbah-guard/...
Would love HN feedback!
Similar Projects
Developer Tools●●Solid
Vibecheck – lint for AI-generated code smells (JS/TS/Python)
Catches AI code smells ESLint misses: empty catches, hardcoded secrets, god functions.
Solve My ProblemShip It
yuvrajangads
742mo ago
Security●●Solid
OWASP Agent Memory Guard – Stop AI Agent Memory Poisoning
OWASP-backed security layer specifically for AI agent memory poisoning risks.
Solve My ProblemNiche Gem
vgudur297
405d ago
Security●Mid
Keychase – A zero-config, offline Python secret scanner
Yet another secret scanner when TruffleHog and Gitleaks already dominate this space.
Cozy
Iflal
131mo ago
Security●●Solid
Agent Memory Guard – OWASP defense for AI agent memory poisoning
OWASP reference implementation for ASI06 memory poisoning with LangChain and AutoGen integrations.
Solve My ProblemBig Brain
vgudur297
306d ago
Security●●●Banger
Secret Sanitizer – auto-masks secrets when you paste into AI chats
Intercepts pastes, masks 30+ secret types locally—zero network requests or tracking.
Solve My ProblemSlick
souvikghosh957
103mo ago