{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"tool_maskmyprompt","slug":"maskmyprompt","name":"MaskmyPrompt","type":"product","url":"https://www.maskmyprompt.com","page_url":"https://unfragile.ai/maskmyprompt","categories":["automation"],"tags":[],"pricing":{"model":"free","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"tool_maskmyprompt__cap_0","uri":"capability://safety.moderation.pattern.based.pii.detection.and.masking","name":"pattern-based pii detection and masking","description":"Scans user-provided prompts for common personally identifiable information patterns (names, email addresses, phone numbers, financial account numbers, medical record identifiers) using regex or NLP-based pattern matching, then replaces detected values with anonymized tokens (e.g., [NAME_1], [EMAIL_1]) before transmission to ChatGPT. The system maintains a local mapping table to enable optional de-anonymization of responses post-retrieval, though this mapping is not persisted across sessions by default.","intents":["I need to ask ChatGPT about a patient case without exposing their real name or medical ID","I want to get legal advice on a contract involving specific parties without revealing their identities to OpenAI","I need to debug code that contains API keys or credentials without leaking them to the LLM"],"best_for":["Healthcare professionals handling HIPAA-regulated patient data","Legal practitioners discussing confidential client matters","Finance/compliance teams processing sensitive transaction data","Developers debugging code containing secrets or credentials"],"limitations":["Pattern-based detection has false negatives — context-dependent PII (e.g., 'John' as a person vs. 'john' as a variable name) may not be reliably distinguished","No verification that OpenAI's backend systems don't retain or log the anonymized prompts after receipt","Masking is irreversible without maintaining the local token-to-value mapping, creating a separate data management burden","Effectiveness depends entirely on user correctly identifying what needs masking — no active guidance or validation","No support for domain-specific PII patterns (e.g., medical codes, legal case numbers) beyond common formats"],"requires":["Web browser with JavaScript enabled","Active ChatGPT account or API access","Manual user effort to craft prompts that clearly separate sensitive from non-sensitive content"],"input_types":["plain text prompts","structured text with identifiable fields"],"output_types":["anonymized text prompt","token-to-value mapping (local, session-scoped)"],"categories":["safety-moderation","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"tool_maskmyprompt__cap_1","uri":"capability://automation.workflow.one.click.prompt.anonymization.workflow","name":"one-click prompt anonymization workflow","description":"Provides a streamlined UI that accepts raw prompts, automatically detects and masks PII in a single action, and forwards the sanitized prompt to ChatGPT without requiring users to manually identify or redact sensitive fields. The workflow includes optional review/edit steps where users can verify masked content before submission, reducing friction compared to manual copy-paste redaction.","intents":["I want to quickly anonymize a prompt without spending time manually finding and replacing sensitive data","I need a simple, non-technical way to ensure my prompts don't leak confidential information","I want to review what's being masked before I send it to ChatGPT to ensure nothing important is hidden"],"best_for":["Non-technical professionals in regulated industries who need privacy but lack data engineering skills","Teams seeking a low-friction privacy layer without complex configuration","Organizations wanting to reduce human error in manual data redaction"],"limitations":["One-click automation creates a false sense of security — users may assume all sensitive data is masked when patterns are missed","No active feedback on masking confidence scores or uncertain detections","Workflow assumes users understand what constitutes sensitive data in their domain","No integration with prompt templates or batch processing — each prompt must be manually entered"],"requires":["Web browser access to MaskMyPrompt interface","ChatGPT account or API key for downstream submission"],"input_types":["plain text prompt (copy-pasted or typed)"],"output_types":["anonymized prompt ready for ChatGPT submission","visual diff highlighting masked regions"],"categories":["automation-workflow","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"tool_maskmyprompt__cap_2","uri":"capability://memory.knowledge.local.session.scoped.token.mapping.and.de.anonymization","name":"local session-scoped token mapping and de-anonymization","description":"Maintains an in-memory mapping table during a browser session that tracks the relationship between original PII values and their anonymized tokens (e.g., {[NAME_1]: 'John Smith', [EMAIL_1]: 'john@example.com'}). After receiving ChatGPT's response, users can optionally trigger de-anonymization to replace tokens back with original values, restoring readability without re-exposing data to OpenAI. The mapping is not persisted across sessions or backed up, requiring users to maintain their own records if long-term reference is needed.","intents":["I want to get ChatGPT's response with the original names and details restored so I can understand the context","I need to share the anonymized prompt and response with colleagues without exposing the original PII","I want to keep the anonymized version for audit purposes while maintaining a local reference to the original data"],"best_for":["Users who need to read responses in context but want to minimize PII exposure to OpenAI","Teams conducting privacy-preserving collaborative reviews of LLM outputs","Professionals maintaining audit trails of anonymized interactions"],"limitations":["Session-scoped storage means the mapping is lost on browser refresh or tab closure — no recovery mechanism","No encryption of the local mapping table, so if browser memory is compromised, the mapping can be extracted","De-anonymization is manual and requires explicit user action — no automatic reverse-substitution in responses","No support for sharing anonymized prompts with colleagues while preserving the ability to de-anonymize (mapping is local-only)","Deterministic token naming ([NAME_1], [EMAIL_1]) makes the mapping structure obvious, potentially aiding inference attacks"],"requires":["Active browser session with MaskMyPrompt loaded","JavaScript execution enabled for in-memory data structures"],"input_types":["anonymized prompt and ChatGPT response"],"output_types":["de-anonymized response with original PII values restored","local token-to-value mapping (JSON or similar)"],"categories":["memory-knowledge","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"tool_maskmyprompt__cap_3","uri":"capability://automation.workflow.free.tier.privacy.access.without.authentication","name":"free-tier privacy access without authentication","description":"Offers core anonymization functionality at no cost and without requiring user registration, login, or API key management. The tool operates entirely client-side in the browser, eliminating the need for backend infrastructure to track users or store session data. This design removes financial and authentication barriers to privacy-conscious AI usage, though it also means no user-specific features, history, or cross-device synchronization.","intents":["I want to try privacy-preserving ChatGPT usage without committing to a paid subscription","I need a quick privacy tool without the friction of creating an account","I want to ensure my data isn't stored on anyone's servers, including MaskMyPrompt's"],"best_for":["Individual professionals exploring privacy-conscious AI workflows","Organizations conducting privacy pilots before enterprise deployment","Users in regulated industries who are skeptical of SaaS data retention"],"limitations":["No user accounts means no history, saved prompts, or cross-device access","No ability to enforce organizational policies or audit user behavior","No premium features, advanced PII detection, or custom masking rules","No support for batch processing or API access for programmatic integration","Entirely dependent on browser capabilities — no backend optimization or advanced ML models"],"requires":["Web browser with JavaScript enabled","No registration, API key, or authentication required"],"input_types":["plain text prompt"],"output_types":["anonymized prompt"],"categories":["automation-workflow","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"tool_maskmyprompt__cap_4","uri":"capability://safety.moderation.browser.based.client.side.processing.with.no.server.transmission","name":"browser-based client-side processing with no server transmission","description":"Executes all PII detection, masking, and token mapping logic entirely within the user's browser using JavaScript, ensuring that raw prompts and sensitive data never leave the client device before anonymization. The tool does not transmit prompts, mappings, or metadata to MaskMyPrompt servers — only the anonymized prompt is sent to ChatGPT's API. This architecture eliminates MaskMyPrompt as a potential data intermediary, though it also means no server-side logging, analytics, or advanced ML models.","intents":["I need absolute assurance that my sensitive data doesn't pass through any third-party servers before reaching ChatGPT","I want to use a privacy tool without trusting another company with my data","I need to comply with data residency requirements that prohibit data transmission to external services"],"best_for":["Organizations with strict data residency or data sovereignty requirements","Users who distrust cloud-based privacy services and prefer local processing","Regulated industries (healthcare, finance, government) requiring zero-trust architectures"],"limitations":["Pattern-based detection is limited to regex and simple NLP — no access to advanced ML models that could improve accuracy","No server-side logging means no ability to audit or monitor usage patterns for compliance","Browser JavaScript execution is slower than server-side processing, creating latency for large prompts","No ability to update detection patterns or models without requiring users to refresh the page and download new code","Vulnerable to browser-based attacks (XSS, memory inspection) that could expose the local token mapping"],"requires":["Modern web browser with JavaScript enabled","No backend infrastructure or API keys for MaskMyPrompt"],"input_types":["plain text prompt"],"output_types":["anonymized prompt","local token mapping"],"categories":["safety-moderation","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"tool_maskmyprompt__cap_5","uri":"capability://data.processing.analysis.deterministic.token.based.pii.replacement","name":"deterministic token-based pii replacement","description":"Replaces detected PII values with deterministic, human-readable tokens that follow a consistent naming scheme (e.g., [NAME_1], [EMAIL_1], [PHONE_1]) based on the type and order of detection. The same PII value always maps to the same token within a session, enabling consistent reference in multi-turn conversations and allowing users to manually track which token corresponds to which data type. However, the deterministic nature makes the masking structure obvious and potentially vulnerable to inference attacks if an attacker knows the token naming convention.","intents":["I want to reference the same anonymized entity across multiple prompts without losing consistency","I need to understand what type of data was masked (name vs. email vs. phone) from the token name alone","I want to manually verify the masking by comparing token names to the original data"],"best_for":["Users conducting multi-turn conversations where consistency across prompts is critical","Teams manually reviewing anonymized prompts and needing to understand masking structure","Professionals who prefer transparent, human-readable masking over opaque hashing"],"limitations":["Deterministic token naming reveals the masking structure and data types, potentially aiding inference attacks","Token names are predictable ([NAME_1], [NAME_2], etc.), making it easier for attackers to guess the original data distribution","No support for custom token naming schemes or obfuscation strategies","Consistency is only maintained within a single session — tokens are regenerated on page refresh","No collision handling for edge cases where the same PII value appears in different contexts (e.g., 'John' as a name vs. 'John' as part of a company name)"],"requires":["Browser session with MaskMyPrompt loaded","Manual tracking of token-to-value mappings"],"input_types":["plain text with PII values"],"output_types":["text with deterministic tokens replacing PII"],"categories":["data-processing-analysis","safety-moderation"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":37,"verified":false,"data_access_risk":"high","permissions":["Web browser with JavaScript enabled","Active ChatGPT account or API access","Manual user effort to craft prompts that clearly separate sensitive from non-sensitive content","Web browser access to MaskMyPrompt interface","ChatGPT account or API key for downstream submission","Active browser session with MaskMyPrompt loaded","JavaScript execution enabled for in-memory data structures","No registration, API key, or authentication required","Modern web browser with JavaScript enabled","No backend infrastructure or API keys for MaskMyPrompt"],"failure_modes":["Pattern-based detection has false negatives — context-dependent PII (e.g., 'John' as a person vs. 'john' as a variable name) may not be reliably distinguished","No verification that OpenAI's backend systems don't retain or log the anonymized prompts after receipt","Masking is irreversible without maintaining the local token-to-value mapping, creating a separate data management burden","Effectiveness depends entirely on user correctly identifying what needs masking — no active guidance or validation","No support for domain-specific PII patterns (e.g., medical codes, legal case numbers) beyond common formats","One-click automation creates a false sense of security — users may assume all sensitive data is masked when patterns are missed","No active feedback on masking confidence scores or uncertain detections","Workflow assumes users understand what constitutes sensitive data in their domain","No integration with prompt templates or batch processing — each prompt must be manually entered","Session-scoped storage means the mapping is lost on browser refresh or tab closure — no recovery mechanism","builder identity is not verified yet","no observed match outcomes yet"],"rank_breakdown":{"adoption":0.2833333333333333,"quality":0.63,"ecosystem":0.15000000000000002,"match_graph":0.25,"freshness":0.75,"weights":{"adoption":0.25,"quality":0.25,"ecosystem":0.1,"match_graph":0.35,"freshness":0.05}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-05-24T12:16:31.857Z","last_scraped_at":"2026-04-05T13:23:42.562Z","last_commit":null},"community":{"stars":null,"forks":null,"weekly_downloads":null,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=maskmyprompt","compare_url":"https://unfragile.ai/compare?artifact=maskmyprompt"}},"signature":"7UGLDsOxArupimloyK+dCUHJJz6wCN4Rlrl9s/V6xKCqGd8UV3gY+xpwoznn45YmO4yNLuhMFMhWZ2cvW3r+Dg==","signedAt":"2026-06-23T01:54:36.310Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/maskmyprompt","artifact":"https://unfragile.ai/maskmyprompt","verify":"https://unfragile.ai/api/v1/verify?slug=maskmyprompt","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}