Security model

PasteShield is a local-first guardrail, not a cloud redaction service.

The current MVP is intentionally simple: text is processed in the browser with local JavaScript rules, and the Chrome extension runs those same rules on supported sites. This page explains the trust boundary for founder buyers and reviewers.

Local processing

The web cleaner and extension redact text on the device. PasteShield does not send original text, cleaned text, replacement maps, files, or custom terms to a PasteShield server in the current MVP.

Extension scope

The extension is limited to supported AI, developer, forum, and support hosts. It inserts a local Clean button and reads the active text field only when the user asks it to clean.

activeTab permission

activeTab is used for explicit user actions from the popup or the Alt+Shift+S shortcut. It lets PasteShield send a local clean request to the current supported tab without broad all-sites access.

Background worker

The background service worker listens for the keyboard shortcut and forwards the command to the active tab. It does not store text, fetch remote services, or process content off-device.

Stored locally

Custom terms are stored in browser or extension storage on the same device. Local impact and funnel counters are also browser-local and are exportable by the user.

No account layer

The current cleaner does not require an account, hosted workspace, sync service, or server-side history. Payment is handled by the configured checkout provider.

Known limitations

PasteShield is not enterprise DLP, legal compliance software, SSO, audit logging, policy enforcement, or a guarantee that every possible secret will be detected.

Safe workflow

Users should still review cleaned output before sharing. Use Report miss with redacted examples to improve rules without sending real secrets.
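
The sketch below illustrates the Local processing and Known limitations sections: an in-memory, rule-based cleaner that builds a replacement map and honors custom terms. It is an added example, not PasteShield's code; the rule set, the placeholder format, and the names `RULES`, `cleanText`, and `demo` are assumptions.

```javascript
// Added example. RULES is a hypothetical rule set, not PasteShield's own.
const RULES = [
  { label: "EMAIL", pattern: /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/ },
  { label: "AWS_KEY_ID", pattern: /\bAKIA[0-9A-Z]{16}\b/ },
  { label: "BEARER", pattern: /\bBearer\s+[A-Za-z0-9._~+\/-]{20,}=*/ },
];

// Escape a custom term so it is matched literally, never as a regex.
function escapeRegExp(term) {
  return term.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// Redact in memory: no fetch, no storage, no I/O. Returns the cleaned text
// and a replacement map (placeholder -> original) that stays with the caller.
function cleanText(text, customTerms = []) {
  const rules = [
    ...customTerms.filter(Boolean).map((t) => ({ label: "CUSTOM", source: escapeRegExp(t) })),
    ...RULES.map((r) => ({ label: r.label, source: r.pattern.source })),
  ];
  // One combined pass, so placeholders already inserted are never rescanned.
  const combined = new RegExp(rules.map((r) => `(${r.source})`).join("|"), "g");
  const map = new Map();   // placeholder -> original value
  const seen = new Map();  // original value -> placeholder (stable reuse)
  const counters = {};
  const cleaned = text.replace(combined, (match, ...groups) => {
    if (seen.has(match)) return seen.get(match);
    const rule = rules[groups.slice(0, rules.length).findIndex((g) => g !== undefined)];
    counters[rule.label] = (counters[rule.label] || 0) + 1;
    const placeholder = `[${rule.label}_${counters[rule.label]}]`;
    seen.set(match, placeholder);
    map.set(placeholder, match);
    return placeholder;
  });
  return { cleaned, map };
}

// Constructed sample input; the key is AWS's published documentation example.
function demo() {
  const input = "Contact jane@example.com, key AKIAIOSFODNN7EXAMPLE, project Bluebird. " +
    "Again jane@example.com. db_pass=hunter2hunter2";
  return cleanText(input, ["Bluebird"]);
}
```

In `demo()`, `db_pass=hunter2hunter2` passes through unchanged because no rule matches it, which is the kind of miss a review of the cleaned output is meant to catch.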

Last updated: June 17, 2026. Keep this page conservative until the product has formal audits, enterprise controls, or counsel-reviewed compliance language.