Public roadmap

First public release. Chrome + Firefox extension, 100% local processing, team dashboard, Solo / Starter / Business plans.

• ·WebExtensions Manifest V3 (Chrome, Firefox)
• ·7 supported LLM platforms: ChatGPT, Claude, Gemini, Qwen, DeepSeek, OpenRouter, Mistral Le Chat
• ·100% local detection engine: regex pipeline + deterministic validators
• ·22 secret types blocked (AWS, GitHub, OpenAI, Anthropic, Stripe, GCP, Azure, JWT, etc.)
• ·8 strict PII tokenised: EMAIL, PHONE, IBAN (mod97), credit card (Luhn), IPv4/v6, FR NIR, SIREN, SIRET
• ·Silent 14-day Audit mode + Automatic masking mode
• ·Bilingual team dashboard FR+EN with Tenant Anonymization Mode
• ·Plans Solo Free / Solo €5 / Starter €12/seat / Business €8/seat — strictly EU hosting

First major hotfix after launch. New French entity class (banking + person + addresses) covering disassembled bank account info and partial banking details.

• ·French disassembled bank account (RIB): bank code + branch code + account number + key detected together
• ·BIC/SWIFT (ISO 9362): worldwide standard interbank code
• ·Contextual banking entities: FR account number, FR bank code, FR postal code (with city context)
• ·French name detection: regex + INSEE first-name dictionary
• ·French address detection: number + street + postal code + city
• ·"Partial detection — see limits" badge in the extension popup (transparency on what is not yet covered)

Covers cases where the user describes sensitive data without pasting it directly ("my key starts with AKIA...").

• ·Verbalised secret detection (partial or contextual descriptions)
• ·"Force re-authentication" button in the popup for accounts after subscription changes
• ·Hardened heuristics for fragmentation patterns (invisible characters, intentional line breaks)
• ·Extended detection-rating telemetry (quality signal for false-positive triage)

Extends detection beyond the French/European context and covers common obfuscation techniques.

• ·International postal addresses: UK (post code), US (ZIP + state), DE (PLZ), etc.
• ·Encoded content: base64, hex, ROT13, URL-encoded — detection before tokenisation
• ·Unicode lookalike characters (anti-substitution Cyrillic / Greek / mathematical to bypass regex)
• ·Entities split across multiple lines (IBAN cut in two lines, card number in four separated blocks)

Quality jump: proper-name detection via local AI (Chrome Built-in AI + Transformers.js), multilingual, no server calls.

• ·Three-tier hybrid cascade: Chrome Built-in AI (Gemini Nano) → Transformers.js (DistilBERT NER) → heuristic dictionary
• ·Multilingual: FR, EN + 8 additional European languages
• ·Zero server: everything runs in the browser, consistent with our 100% local guarantee
• ·Auditor RBAC role: read-only for DPO / CISO without admin rights
• ·Member self-view toggle: each member can see their own protection stats

Unlocks 50+ seat deployments and large-enterprise IT/security requirements.

• ·SSO / SAML: Okta, Azure AD, Google Workspace SAML — unlocks the Business 50-500 tier
• ·Automatic SCIM provisioning (create / remove / update accounts via directory)
• ·Attachment parsing before upload: PDF, Excel, Word — covers the remaining ~20% of Shadow AI
• ·Extended PII detection: Spain, Germany, Portugal (locale-aware regex + validators)
• ·Custom rules per tenant: tenant-specific regex and entities via dashboard UI
• ·Event webhooks: real-time Slack/Teams alert when a secret is intercepted
• ·Downloadable SOC2-ready audit log: compliance-audit ready

Our vision for SafePrompt beyond the browser — covering AI usage across the whole organisation, wherever sensitive data flows toward an LLM.

• ·CLI / Python + Node SDK: redact secrets in CI/CD pipelines, scripts, logs
• ·OCR on uploaded images: screenshot of an email containing personal data
• ·Non-EU expansion: USD/GBP, CCPA (California), UK GDPR, LGPD (Brazil) compliance
• ·Self-hosted on-premise: Enterprise tier for IT departments refusing any external SaaS
• ·Network gateway proxy mode: alternative to the extension for tightly-managed OSes
• ·Autonomous AI agent integrations: LangChain, AutoGPT, CrewAI via SDK
• ·Research: partial homomorphic encryption, WebLLM/WebGPU for advanced NER detection