AI Data Leakage Prevention
The fastest way to leak a credential is to paste a file into an AI assistant that happens to contain one. SoterAI IDE Guard scans your files, selections, and prompts locally for API keys, tokens, database URLs, and personal data — then redacts them before the context is shared, so sensitive values never leave your editor by accident.
Runs locally in your editor. Secret, PII, prompt-injection, and MCP scanning happen on your machine before anything reaches an AI model.
Recognize common API keys, tokens, private keys, and database connection strings across your workspace.
Flag personal data, including region-specific identifiers, so it can be redacted before sharing.
Replace detected secrets with safe placeholders in a copy of the context, leaving your real files untouched.
Move secrets into a protected local vault, restore placeholders when needed, and generate a safe .env.example without real values.
Plant fake canary secrets and verify they never appear in logs, reports, or AI output — a live test that redaction is working.
Scan the context
Scan the file, selection, or workspace for secrets and PII before sharing anything with AI.
Redact before sharing
Use “Redact Selection for AI” to produce a safe, placeholder-substituted copy to paste or send.
Vault real secrets
Migrate secrets to the protected vault and keep them out of prompts entirely.
Verify with canaries
Confirm redaction end-to-end by checking that planted canaries never leak.
No security tool is perfect. Here is what this feature does not claim to do, so you can layer defenses appropriately.
No. Secret and PII scanning run locally in the extension host. Cloud escalation is opt-in, off by default, and disabled in untrusted workspaces.
You can redact it to a placeholder in the shared copy, move it to a protected vault, or leave your file as-is and simply avoid sharing that span. Your real files are not modified unless you ask.
Use the canary workflow: generate a fake canary secret, plant it, and run the verification commands to confirm it never appears in logs, reports, or AI output.
Install SoterAI IDE Guard and scan secrets, prompts, MCP tools, and terminal commands locally before they ever reach an AI model.
Install for VS Code