Is "ChatWall - Anonymise & Mask Private Data for AI" on Firefox Add-ons Safe to Install?
Secure your AI prompts and maintain digital sovereignty. Mask and anonymise sensitive private data locally on your device before sending it to ChatGPT, Gemini, or other LLMs. ChatWall is a privacy extension that ensures 100% local processing. We prevent private data leaks and ensure GDPR compliance through real-time anonymisation of PII (Personally Identifiable Information). Key Advantages: 🛡️ Client-Side Masking: Your data is masked locally on your device. Sensitive data never leaves your browser. 🔓 Smart Unmasking: Seamlessly restores original data in AI responses, so your workflow remains uninterrupted. 📂 Open Source: Our code is public and audit-ready. Trust is earned through transparency—you can verify exactly how your data is handled. 🔒 Real-Time Protection: Instantly detects names, emails, phones, credit cards, and other private data as you type. ✅ Works with major AI websites: Including ChatGPT, Gemini, and many others ... 💼 Enterprise-Grade Security: Designed for professionals and teams who need to ensure GDPR/CCPA compliance while leveraging the power of modern AI. How it works: 🔒 Masking: You type "[email protected]" ChatWall detects an email and sends "[EMAIL_1]" to the AI. 🔓 Unmasking: When the AI replies " [EMAIL_1]", ChatWall automatically restores it to "[email protected]" on your screen. You work naturally with your real data, but the AI provider only ever sees the anonymous tokens. Why trust us? ✅ 💻 Local-First Architecture: ChatWall is built so your data never leaves your device. All masking and anonymization processes happen strictly within your browser. 🛡️ Securely Isolated: Your input is processed in a secure sandbox, making it invisible to the host AI website. While session data is wiped instantly when you close your tab, your persistent favorites remain stored strictly on your own disk. 🔍 Total Transparency: Trust is earned through transparency. Our code is "Source Available" on GitHub, allowing you or your security team to verify exactly how your data is handled
Risk Assessment
Analyzed295 security findings detected across all analyzers
Firefox extension requesting 15 permissions
Severity Breakdown
Finding Categories
YARA Rules Matched
11 rules(144 hits)Requested Permissions
15 permissionsRead data from your clipboard
About This Extension
Detailed Findings
149 totalYARA Rule Matches
11 rulesIndicators of Compromise
Network indicators, suspicious strings, and potential IoCs extracted during analysis
All Indicators · 142
detected URL: https://chatwall.io/support.html#docs XIOC detected URL: https://chatwall.io/support.html#docs
extracted_from_files
detected Domain: nodefilter.show XIOC detected Domain: nodefilter.show
extracted_from_files
detected Domain: t.top-i.top XIOC detected Domain: t.top-i.top
extracted_from_files
detected Domain: window.innerheight-t.top XIOC detected Domain: window.innerheight-t.top
extracted_from_files
detected URL: https://github.com/joelacus/world-cities), XIOC detected URL: https://github.com/joelacus/world-cities),
extracted_from_files
detected URL: https://chatwall.io XIOC detected URL: https://chatwall.io
extracted_from_files
detected URL: https://chatwall.io/#pricing XIOC detected URL: https://chatwall.io/#pricing
extracted_from_files
detected URL: https://chatwall.io/forgot-password.html XIOC detected URL: https://chatwall.io/forgot-password.html
extracted_from_files
detected URL: https://chatwall.io/img/sc1.png) XIOC detected URL: https://chatwall.io/img/sc1.png)
extracted_from_files
detected URL: https://chatwall.io/img/sc3.png) XIOC detected URL: https://chatwall.io/img/sc3.png)
extracted_from_files
detected URL: https://www.youtube.com/watch?v=lpoiyVhf08w)](https://www.youtube.com/watch?v=lpoiyVhf08w) XIOC detected URL: https://www.youtube.com/watch?v=lpoiyVhf08w)](https://www.youtube.com/watch?v=lpoiyVhf08w)
extracted_from_files
detected URL: https://chatwall.io/index.html#download) XIOC detected URL: https://chatwall.io/index.html#download)
extracted_from_files
detected URL: https://chatwall.io/support.html) XIOC detected URL: https://chatwall.io/support.html)
extracted_from_files
detected URL: https://www.conventionalcommits.org/) XIOC detected URL: https://www.conventionalcommits.org/)
extracted_from_files
detected URL: https://chatwall.io/support.html XIOC detected URL: https://chatwall.io/support.html
extracted_from_files
detected Domain: chatwall-toast.show XIOC detected Domain: chatwall-toast.show
extracted_from_files
detected Domain: company.com XIOC detected Domain: company.com
extracted_from_files
detected URL: https://github.com/ChatWall-io/chatwall), XIOC detected URL: https://github.com/ChatWall-io/chatwall),
extracted_from_files
detected URL: http://addons.mozilla.org/ca/crl.pem0N XIOC detected URL: http://addons.mozilla.org/ca/crl.pem0N
extracted_from_files
detected URL: https://chatwall.io) XIOC detected URL: https://chatwall.io)
extracted_from_files
detected Domain: gemini.google.com XIOC detected Domain: gemini.google.com
extracted_from_files
detected Domain: claude.ai XIOC detected Domain: claude.ai
extracted_from_files
detected Domain: grok.com XIOC detected Domain: grok.com
extracted_from_files
detected Domain: x.com XIOC detected Domain: x.com
extracted_from_files
detected Domain: copilot.microsoft.com XIOC detected Domain: copilot.microsoft.com
extracted_from_files
detected Domain: chat.deepseek.com XIOC detected Domain: chat.deepseek.com
extracted_from_files
detected Domain: li.menu XIOC detected Domain: li.menu
extracted_from_files
detected Domain: b.id XIOC detected Domain: b.id
extracted_from_files
detected Domain: creativecommons.org XIOC detected Domain: creativecommons.org
extracted_from_files
detected Domain: www.apache.org XIOC detected Domain: www.apache.org
extracted_from_files
detected Domain: o.map XIOC detected Domain: o.map
extracted_from_files
detected Domain: www.inkscape.org XIOC detected Domain: www.inkscape.org
extracted_from_files
detected Domain: sodipodi.sourceforge.net XIOC detected Domain: sodipodi.sourceforge.net
extracted_from_files
detected Domain: chat.openai.com XIOC detected Domain: chat.openai.com
extracted_from_files
detected Domain: y.style.top XIOC detected Domain: y.style.top
extracted_from_files
detected Domain: g.map XIOC detected Domain: g.map
extracted_from_files
detected URL: http://www.apache.org/licenses/LICENSE-2.0 XIOC detected URL: http://www.apache.org/licenses/LICENSE-2.0
extracted_from_files
detected URL: https://creativecommons.org/licenses/by/4.0/ XIOC detected URL: https://creativecommons.org/licenses/by/4.0/
extracted_from_files
detected Domain: inputoverlaybackdrop.id XIOC detected Domain: inputoverlaybackdrop.id
extracted_from_files
detected Domain: inputoverlaybackdrop.style XIOC detected Domain: inputoverlaybackdrop.style
extracted_from_files
detected Domain: g.id XIOC detected Domain: g.id
extracted_from_files
detected Domain: r.help XIOC detected Domain: r.help
extracted_from_files
detected Domain: o.info XIOC detected Domain: o.info
extracted_from_files
detected Domain: inputoverlaycontainer.style.top XIOC detected Domain: inputoverlaycontainer.style.top
extracted_from_files
detected Domain: inputoverlaycontainer.style XIOC detected Domain: inputoverlaycontainer.style
extracted_from_files
detected Domain: inputoverlaycontainer.id XIOC detected Domain: inputoverlaycontainer.id
extracted_from_files
detected Domain: y.id XIOC detected Domain: y.id
extracted_from_files
detected URL: https://github.com/ChatWall-io/chatwall XIOC detected URL: https://github.com/ChatWall-io/chatwall
extracted_from_files
detected Domain: w.style XIOC detected Domain: w.style
extracted_from_files
detected Domain: k.style XIOC detected Domain: k.style
extracted_from_files
detected Domain: v.id XIOC detected Domain: v.id
extracted_from_files
detected Domain: j.style XIOC detected Domain: j.style
extracted_from_files
detected Domain: n.target XIOC detected Domain: n.target
extracted_from_files
detected Domain: a.style XIOC detected Domain: a.style
extracted_from_files
detected Domain: c.style XIOC detected Domain: c.style
extracted_from_files
detected Domain: i.id XIOC detected Domain: i.id
extracted_from_files
detected Domain: i.style XIOC detected Domain: i.style
extracted_from_files
detected Domain: x.id XIOC detected Domain: x.id
extracted_from_files
detected Domain: x.style XIOC detected Domain: x.style
extracted_from_files
detected Domain: m.style XIOC detected Domain: m.style
extracted_from_files
detected Domain: m.target XIOC detected Domain: m.target
extracted_from_files
detected Domain: a.style.top XIOC detected Domain: a.style.top
extracted_from_files
detected Domain: t.style.top XIOC detected Domain: t.style.top
extracted_from_files
detected Domain: e.select XIOC detected Domain: e.select
extracted_from_files
detected Domain: e.target.id XIOC detected Domain: e.target.id
extracted_from_files
detected Domain: n.style XIOC detected Domain: n.style
extracted_from_files
detected Domain: o.style XIOC detected Domain: o.style
extracted_from_files
detected Domain: d.style XIOC detected Domain: d.style
extracted_from_files
detected Domain: l.style XIOC detected Domain: l.style
extracted_from_files
detected Domain: e.target XIOC detected Domain: e.target
extracted_from_files
detected Domain: reopenbadge.style.top XIOC detected Domain: reopenbadge.style.top
extracted_from_files
detected Domain: window.open XIOC detected Domain: window.open
extracted_from_files
detected Domain: x.target XIOC detected Domain: x.target
extracted_from_files
detected Domain: b.target XIOC detected Domain: b.target
extracted_from_files
detected Domain: unmaskbtn.style.top XIOC detected Domain: unmaskbtn.style.top
extracted_from_files
detected Domain: o.top XIOC detected Domain: o.top
extracted_from_files
detected Domain: r.top XIOC detected Domain: r.top
extracted_from_files
detected Domain: o.style.top XIOC detected Domain: o.style.top
extracted_from_files
detected Domain: decisionpopup.style XIOC detected Domain: decisionpopup.style
extracted_from_files
detected Domain: decisionpopup.style.top XIOC detected Domain: decisionpopup.style.top
extracted_from_files
detected Domain: r.style XIOC detected Domain: r.style
extracted_from_files
detected Domain: e.id XIOC detected Domain: e.id
extracted_from_files
detected Domain: e.style XIOC detected Domain: e.style
extracted_from_files
detected Domain: e.style.top XIOC detected Domain: e.style.top
extracted_from_files
detected Domain: t.target XIOC detected Domain: t.target
extracted_from_files
detected Domain: t.top XIOC detected Domain: t.top
extracted_from_files
detected Domain: n.top XIOC detected Domain: n.top
extracted_from_files
detected Domain: floatbtn.style.top XIOC detected Domain: floatbtn.style.top
extracted_from_files
detected Domain: s.style.top XIOC detected Domain: s.style.top
extracted_from_files
detected Domain: e.top XIOC detected Domain: e.top
extracted_from_files
detected Domain: n.style.top XIOC detected Domain: n.style.top
extracted_from_files
detected Domain: n.id XIOC detected Domain: n.id
extracted_from_files
detected Domain: chatwall-float-btn.cw XIOC detected Domain: chatwall-float-btn.cw
extracted_from_files
detected Domain: floatbtn.id XIOC detected Domain: floatbtn.id
extracted_from_files
detected Domain: f.id XIOC detected Domain: f.id
extracted_from_files
detected Domain: y.style XIOC detected Domain: y.style
extracted_from_files
detected Domain: b.style XIOC detected Domain: b.style
extracted_from_files
detected Domain: navigator.clipboard.read XIOC detected Domain: navigator.clipboard.read
extracted_from_files
detected Domain: overlaycontainer.id XIOC detected Domain: overlaycontainer.id
extracted_from_files
detected Domain: overlaycontainer.style XIOC detected Domain: overlaycontainer.style
extracted_from_files
detected Domain: o.id XIOC detected Domain: o.id
extracted_from_files
detected Domain: s.style XIOC detected Domain: s.style
extracted_from_files
detected Domain: s.id XIOC detected Domain: s.id
extracted_from_files
detected Domain: date.now XIOC detected Domain: date.now
extracted_from_files
detected Domain: a.id XIOC detected Domain: a.id
extracted_from_files
detected Domain: e.name XIOC detected Domain: e.name
extracted_from_files
detected Domain: unmaskbtn.id XIOC detected Domain: unmaskbtn.id
extracted_from_files
detected Domain: r.call XIOC detected Domain: r.call
extracted_from_files
detected Domain: t.style XIOC detected Domain: t.style
extracted_from_files
detected Domain: chatwall.io XIOC detected Domain: chatwall.io
extracted_from_files
detected Domain: ta23e73ed40aaaa0c017a2cbd0c40f8ab.cfa9e3449137d86d3192b2e8572092c5.addons.mozilla.org XIOC detected Domain: ta23e73ed40aaaa0c017a2cbd0c40f8ab.cfa9e3449137d86d3192b2e8572092c5.addons.mozilla.org
extracted_from_files
detected Domain: www.youtube.com XIOC detected Domain: www.youtube.com
extracted_from_files
detected Domain: www.conventionalcommits.org XIOC detected Domain: www.conventionalcommits.org
extracted_from_files
detected Domain: chatgpt.com XIOC detected Domain: chatgpt.com
extracted_from_files
detected Domain: chrome.storage XIOC detected Domain: chrome.storage
extracted_from_files
detected Domain: chrome.management XIOC detected Domain: chrome.management
extracted_from_files
detected IP: ac::bef XIOC detected IP: ac::bef
extracted_from_files
detected IP: d::bef XIOC detected IP: d::bef
extracted_from_files
detected Domain: github.com XIOC detected Domain: github.com
extracted_from_files
detected Domain: readme.md XIOC detected Domain: readme.md
extracted_from_files
detected Domain: signingca1.addons.mozilla.org XIOC detected Domain: signingca1.addons.mozilla.org
extracted_from_files
detected Domain: mozilla.com XIOC detected Domain: mozilla.com
extracted_from_files
detected Domain: content-signature.mozilla.org XIOC detected Domain: content-signature.mozilla.org
extracted_from_files
detected IP: ::bef XIOC detected IP: ::bef
extracted_from_files
detected IP: ::af XIOC detected IP: ::af
extracted_from_files
detected IP: a:: XIOC detected IP: a::
extracted_from_files
detected IP: e::af XIOC detected IP: e::af
extracted_from_files
detected IP: e::bef XIOC detected IP: e::bef
extracted_from_files
detected IP: c::bef XIOC detected IP: c::bef
extracted_from_files
detected IP: cb::bef XIOC detected IP: cb::bef
extracted_from_files
detected URL: https://chatwall.io/login.html XIOC detected URL: https://chatwall.io/login.html
extracted_from_files
detected MD5 Hash: cfa9e3449137d86d3192b2e8572092c5 XIOC detected MD5 Hash: cfa9e3449137d86d3192b2e8572092c5
extracted_from_files
detected URL: https://chatwall.io/api/verify-license XIOC detected URL: https://chatwall.io/api/verify-license
extracted_from_files
detected URL: http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd XIOC detected URL: http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd
extracted_from_files
detected URL: http://www.inkscape.org/namespaces/inkscape XIOC detected URL: http://www.inkscape.org/namespaces/inkscape
extracted_from_files
detected URL: http://www.inkscape.org/) XIOC detected URL: http://www.inkscape.org/)
extracted_from_files
detected IP: ::0 XIOC detected IP: ::0
extracted_from_files
detected URL: https://chatwall.io/terms.html XIOC detected URL: https://chatwall.io/terms.html
extracted_from_files
detected Domain: t.id XIOC detected Domain: t.id
extracted_from_files
detected Domain: e.email XIOC detected Domain: e.email
extracted_from_files
AI Security Report
AI Security Review
Risky Plugins reviewed this extension with an AI-assisted security workflow on 2026-04-15. The review verdict is benign but powerful with 70% confidence.
Recommended action: no action.
Risk context: CRITICAL risk, score 100/100.
Evidence context: threat category none; evidence quality weak.
Assessment: Local Privacy Tool (Unverified)
This extension is marketed as a local 'Privacy Firewall' for Large Language Models (LLMs). Its stated purpose is to mask Personally Identifiable Information (PII) and private data locally before it is transmitted to AI services like ChatGPT. This capability—modifying web traffic and reading page content to identify sensitive text—requires broad permissions, which aligns with the 'benign_but_powerful' classification.
Static Analysis Results: The scan yielded no malware signatures, no suspicious network indicators, and no obfuscated code. This effectively rules out common threats like credential theft, typosquatting, and data exfiltration to external command-and-control servers.
Trustworthiness: While the code appears clean, the extension lacks a named developer and has a very small user base. While this is not malicious, it indicates the tool is immature or possibly abandoned. Users should verify that the tool behaves as promised (local processing) before relying on it for high-security environments.
Key Reasons
- No security findings detected in the static analysis.
- Functional behavior matches the benign description (local PII masking).
- No evidence of external data transmission or hijacking.
False Positive Considerations
- N/A - No findings were generated to analyze.
Source Code Not Available
Source code is not available for this version of the extension.
Frequently Asked Questions
Similar Extensions
Related extensions from the same publisher or marketplace