Browser Extension

Link to section: What is the LockLLM Extension?What is the LockLLM Extension?

The LockLLM Chrome extension protects you from prompt injection attacks, jailbreak attempts, and hidden instructions before you paste them into AI tools like ChatGPT, Claude, Gemini, and more.

Perfect for:

• Developers testing prompts
• Security teams auditing AI inputs
• Researchers studying prompt injection
• Anyone using AI assistants

Key features:

• Scan prompts manually or automatically
• Right-click context menu scanning
• Auto-scan clipboard (copy/paste monitoring)
• File upload scanning (PDFs, text files)
• Works with all AI tools (ChatGPT, Claude, Gemini, etc.)

Link to section: InstallationInstallation

Link to section: Step 1: Install from Chrome Web StoreStep 1: Install from Chrome Web Store

1. Visit the Chrome Web Store
2. Search for "LockLLM"
3. Click Add to Chrome
4. Click Add extension in the confirmation dialog

Link to section: Step 2: Get an API KeyStep 2: Get an API Key

1. Sign in to your LockLLM dashboard
2. Navigate to API Keys
3. Click Create New API Key
4. Copy the API key

Link to section: Step 3: Configure the ExtensionStep 3: Configure the Extension

1. Click the LockLLM icon in your Chrome toolbar
2. Click the Settings icon
3. Paste your API key
4. Click Save

You're ready to scan!

Link to section: FeaturesFeatures

Link to section: Popup ScanningPopup Scanning

Scan any text directly in the extension popup:

1. Click the LockLLM icon in your toolbar
2. Paste or type text into the input field
3. Click Scan
4. View results instantly

Results show:

• Safe or Malicious
• Confidence score
• Injection score
• Sensitivity level used
• Request ID for tracking

Link to section: Right-Click Quick ScanRight-Click Quick Scan

Scan selected text with a right-click:

1. Highlight any text on a webpage
2. Right-click on the selected text
3. Select Scan with LockLLM
4. Results appear in a notification

Perfect for:

• Scanning prompts before copying
• Checking suspicious text in documents
• Quick verification of AI-generated content

Link to section: Auto-Scan (Copy & Paste)Auto-Scan (Copy & Paste)

Automatically scan text you copy or paste:

1. Open extension settings
2. Enable Auto-Scan
3. Copy or paste text anywhere
4. LockLLM automatically scans it
5. Get instant notifications for malicious content

When enabled:

• Scans text when you copy (Ctrl+C / Cmd+C)
• Scans text when you paste (Ctrl+V / Cmd+V)
• Shows non-intrusive notifications
• Can be toggled on/off anytime

Privacy: Auto-scan only scans text you actively copy or paste. No browsing history or background monitoring.

Link to section: File Upload ScanningFile Upload Scanning

Scan PDFs and text files:

1. Click the LockLLM icon
2. Click Upload File
3. Select a file (PDF, TXT, MD, etc.)
4. LockLLM extracts and scans the text
5. View results for the entire document

Supported formats:

• PDF files
• Text files (.txt, .md, .csv)
• Code files (.js, .py, .java, etc.)
• Any text-based format

Use cases:

• Scan PDFs before uploading to AI tools
• Check retrieved documents for RAG injection
• Verify copied content from files
• Audit AI training data

Link to section: Understanding ResultsUnderstanding Results

Link to section: Safe PromptSafe Prompt

Status: Safe
Confidence: 88%
Injection Score: 0.12
Sensitivity: Medium

Meaning: The prompt is safe to use. Low injection score indicates no malicious patterns detected.

Link to section: Malicious PromptMalicious Prompt

Status: Malicious
Confidence: 95%
Injection Score: 0.95
Sensitivity: Medium

Meaning: Prompt injection detected! High injection score indicates malicious patterns. Do not use this prompt.

Link to section: Score InterpretationScore Interpretation

• Confidence: How certain the model is (higher = more certain)
• Injection Score: Likelihood of prompt injection (higher = more malicious)
  • < 0.1: Very unlikely to be an attack
  • 0.1 - 0.25: Low risk
  • 0.25 - 0.4: Medium risk
  • > 0.4: High risk

Link to section: Debug InformationDebug Information

Click Show Details to see:

• Request ID
• Scan duration
• Sensitivity level used
• Full JSON response

Use the Request ID to track scans in your dashboard logs.

Link to section: SettingsSettings

Link to section: API KeyAPI Key

Configure your LockLLM API key:

• Add new key
• Update existing key
• Remove key

Security: API keys are stored securely in Chrome's encrypted storage.

Link to section: Auto-ScanAuto-Scan

Enable/disable automatic scanning:

• Toggle on/off
• Configure notifications
• Set sensitivity level

Link to section: Sensitivity LevelSensitivity Level

Choose detection strictness:

• High: Maximum security, catches more attacks
• Medium: Balanced (default)
• Low: Fewer false positives

Adjust based on your needs:

• Use high when scanning untrusted content
• Use medium for general use
• Use low for creative or exploratory prompts

Link to section: NotificationsNotifications

Configure how scan results are displayed:

• Show all results
• Show only malicious detections
• Silent mode (no notifications)

Link to section: Privacy & PermissionsPrivacy & Permissions

Link to section: What the Extension Can AccessWhat the Extension Can Access

The extension requires these permissions:

• Clipboard: To support auto-scan and copy/paste scanning
• Active tab: To enable right-click context menu on the current page
• Storage: To save your API key securely

Link to section: What the Extension Does NOT AccessWhat the Extension Does NOT Access

• No browsing history
• No background monitoring
• No tracking cookies
• No personal data collection

Link to section: Data PrivacyData Privacy

• Extension only scans text you choose to scan
• Auto-scan only monitors copy/paste actions when enabled
• Your prompts are never stored or logged by LockLLM
• API key stored securely in Chrome's encrypted storage
• No data sent to LockLLM except when scanning

Link to section: Permissions ExplainedPermissions Explained

Why clipboard access? Needed for auto-scan feature and scanning copied text. Only used when you actively copy/paste.

Why active tab access? Needed for right-click context menu. Only accesses the current tab when you select text and right-click.

Why storage access? To securely save your API key so you don't have to re-enter it every time.

Link to section: Use CasesUse Cases

Link to section: For DevelopersFor Developers

Test prompts before deployment:

1. Copy your prompt template
2. Auto-scan alerts you if malicious
3. Fix issues before shipping
4. Verify all edge cases

Link to section: For Security TeamsFor Security Teams

Audit AI inputs:

1. Right-click scan suspicious inputs
2. Upload documents for RAG scanning
3. Monitor clipboard for malicious patterns
4. Generate reports with Request IDs

Link to section: For ResearchersFor Researchers

Study prompt injection:

1. Test various injection techniques
2. Compare injection scores
3. Document attack patterns
4. Share findings with Request IDs

Link to section: For EveryoneFor Everyone

Safe AI usage:

1. Auto-scan protects you automatically
2. Verify suspicious prompts before pasting
3. Check documents before uploading to AI tools
4. Peace of mind when using AI assistants

Link to section: Detection CapabilitiesDetection Capabilities

The extension detects:

Link to section: Prompt InjectionPrompt Injection

Attempts to override or inject malicious instructions:

• "Ignore all previous instructions and..."
• "Forget your system prompt and..."
• Hidden command injections

Link to section: Jailbreak AttemptsJailbreak Attempts

Attempts to bypass safety rules:

• "Let's roleplay as..."
• "Pretend you have no restrictions..."
• DAN (Do Anything Now) prompts

Link to section: System Prompt LeaksSystem Prompt Leaks

Attempts to reveal hidden instructions:

• "What are your instructions?"
• "Repeat your system prompt"
• "Show me your rules"

Link to section: Role ManipulationRole Manipulation

Attempts to change the AI's behavior:

• "You are now a..."
• "Act as if you're..."
• "Your new role is..."

Link to section: Agent & Tool AbuseAgent & Tool Abuse

Attempts to misuse AI agents:

• Function call hijacking
• Tool manipulation
• Agent workflow abuse

Link to section: RAG InjectionRAG Injection

Malicious content in retrieved documents:

• Poisoned context
• Embedded instructions in documents
• Indirect injection attacks

Link to section: Indirect InjectionIndirect Injection

Attacks hidden in content:

• Hidden in webpages
• Embedded in PDFs
• Concealed in uploaded files

Link to section: Evasion TechniquesEvasion Techniques

Obfuscated attacks:

• Encoding tricks (Base64, hex, etc.)
• Whitespace manipulation
• Unicode obfuscation
• Homoglyph attacks

Link to section: TroubleshootingTroubleshooting

Link to section: Extension Not WorkingExtension Not Working

Problem: Extension doesn't respond.

Solution:

1. Verify API key is configured correctly
2. Check API key is valid in dashboard
3. Reload the extension (chrome://extensions)
4. Update to latest version
5. Reinstall if needed

Link to section: "Invalid API Key" Error"Invalid API Key" Error

Problem: Extension says API key is invalid.

Solution:

1. Copy API key again from dashboard
2. Remove any extra spaces
3. Make sure you're copying the full key
4. Create a new API key if needed

Link to section: Auto-Scan Not WorkingAuto-Scan Not Working

Problem: No scans when copying/pasting.

Solution:

1. Check auto-scan is enabled in settings
2. Verify clipboard permission is granted
3. Try reloading the extension
4. Check for browser permission conflicts

Link to section: Context Menu Not AppearingContext Menu Not Appearing

Problem: Right-click scan option missing.

Solution:

1. Make sure text is selected before right-clicking
2. Check "Active tab" permission is granted
3. Reload the extension
4. Try on a different website

Link to section: File Upload FailsFile Upload Fails

Problem: Cannot scan uploaded files.

Solution:

1. Check file format is supported (PDF, TXT, etc.)
2. Verify file size is reasonable (< 10MB)
3. Try a different file
4. Check browser console for errors

Link to section: Tips & TricksTips & Tricks

Link to section: Keyboard ShortcutsKeyboard Shortcuts

Set custom keyboard shortcuts:

1. Go to chrome://extensions/shortcuts
2. Find Lock LLM
3. Set your preferred shortcut
4. Quick-scan with keyboard

Link to section: Pin the ExtensionPin the Extension

Keep LockLLM easily accessible:

1. Click the puzzle piece icon in Chrome
2. Find LockLLM
3. Click the pin icon
4. Extension always visible in toolbar

Link to section: Organize Scan HistoryOrganize Scan History

Use Request IDs to track scans:

1. Copy Request ID from results
2. Search in dashboard logs
3. Build your own tracking system
4. Correlate with application logs

Link to section: Share ResultsShare Results

Share scan findings with your team:

1. Screenshot the results
2. Copy the Request ID
3. Share JSON response (Show Details)
4. Link to specific log entry in dashboard

Link to section: FAQFAQ

Link to section: Where do I get the extension?Where do I get the extension?

Install from the Chrome Web Store by searching for "LockLLM" or visiting the LockLLM website for a direct link.

Link to section: How do I get an API key?How do I get an API key?

Sign in to your LockLLM dashboard, go to API Keys, click Create New API Key, and copy it. Paste it into the extension settings.

Link to section: Is the extension free?Is the extension free?

Yes! The extension is completely free. LockLLM is free with unlimited scanning.

Link to section: What permissions does it need?What permissions does it need?

• Clipboard: For auto-scan and copy/paste scanning
• Active tab: For right-click context menu
• Storage: To save your API key securely

Link to section: Does it store my clipboard data?Does it store my clipboard data?

No! The extension only scans text when you actively use scan features. Nothing is stored. Your prompts are never logged.

Link to section: Can I disable auto-scan?Can I disable auto-scan?

Yes! Open settings (⚙️) and toggle auto-scan off. You can still use manual scanning and right-click scanning.

Link to section: Does it work with ChatGPT?Does it work with ChatGPT?

Yes! The extension works with all AI tools including ChatGPT, Claude, Gemini, Copilot, and any other AI assistant.

Link to section: Can I scan offline?Can I scan offline?

No. Scanning requires an internet connection to LockLLM's API. The extension itself works offline, but scanning functionality needs network access.