Privacy Policy

The LLM Slop Detector browser extension, web playground, CLI, and VS Code extension make the same four privacy commitments. They all run the same rule engine; they all handle text locally.

1. No network requests. The extension makes no HTTP requests for any user-driven operation. Rule data is bundled at build time and ships inside the extension zip/vsix.
2. No telemetry, analytics, error reporting, or usage logging. Nothing about what you scan, when, how often, or with which settings is sent to the developer or to any third party.
3. User preferences (enabled packs, per-site toggles, read-only mode setting) are stored via chrome.storage.local and never leave your device. storage.sync is deliberately not used, so your per-site disables don't fan out to other devices.
4. Your text stays yours. Text you write, paste, read, or scan is processed entirely in the extension's sandboxed JavaScript context and discarded as soon as the scan produces findings. It is never transmitted, persisted, or logged.

What permissions does the extension ask for, and why?

• storage -- to save your preferences locally. No use of storage.sync.
• host_permissions for http://*/* and https://*/* -- so the content script can inject into any webpage where you might write. The script only reads editor contents; it doesn't send them anywhere.

Source code

Everything is MIT-licensed and reviewable at github.com/mandakan/llm-slop-detector. The scanning logic is in src/core/; you can grep for fetch, XMLHttpRequest, or WebSocket and confirm the extension doesn't call any of them.

Contact

Open an issue at github.com/mandakan/llm-slop-detector/issues or email the publisher at m@thias.se.

Changes to this policy

If this policy ever changes, the new text will live at this same URL and the previous text will remain accessible in the repository's git history. The privacy commitments themselves are not expected to change.