How it works

Local by design.
Transparent by necessity.

GhostPrompt operates entirely at the pre-prompt construction stage, on your device, before any content reaches an AI provider. It has no connection to the AI request path and no ability to intercept or modify traffic between you and an AI provider.

What GhostPrompt is not

GhostPrompt operates entirely at the pre-prompt construction stage, on your device, before any content reaches an AI provider. It has no connection to the AI request path and no ability to intercept or modify traffic.

XNot a proxy or middleware layer
XNot a cloud service or API wrapper
XNot security through obscurity
XNot a browser extension that intercepts your traffic
Works with everything you send to AI
Prompts. Documents. Photos.
📝
Text prompts
Pasted text
Sanitize any text before pasting into ChatGPT, Gemini, Copilot, or any AI chat. Entity detection runs in under 200ms, entirely on your device.
📄
Documents
Uploaded files
Process .docx, .pdf, .txt, .md, and .xlsx files before uploading to any AI tool. Full entity detection runs across every page.
📷
Images and photos
Visual content
Detect and redact sensitive text, faces, and identifiable information from images before uploading to vision-capable AI tools.
The workflow
Six steps. Under a minute.

All entity detection runs locally using on-device NLP. No network calls, no cloud processing, no data transmission.

ghostprompt · local · 0 network calls
Sample document being processed:
On March 14, 2024, Sarah Mitchell from Blackstone Advisory in Toronto sent a proposal regarding NovaTech renewal. Contact: s.mitchell@blackstone.com, invoice $142,500.
People
Organizations
Dates
Locations
Contact and financials
6 entities detected · 0ms
01
Paste text or upload your file
Typed prompts, pasted text, .docx, .pdf, .txt, .md, .xlsx, or images. All parsing happens locally. Nothing leaves your device.
02
Entity detection runs instantly
Every sensitive entity identified and color-coded by category. People, organizations, financials, contact data, dates, and custom terms you define. Detection completes in under 200ms.
All detection runs on-device · zero network calls
03
Review the replacement manifest
See every proposed swap before anything is written. Approve, edit, or skip individual entities. Add anything missed to your permanent custom library.
04
Replace and copy the sanitized version
Every sensitive entity replaced with a realistic equivalent. The content remains coherent. The AI receives material it can work with, without any of your real data.
05
Paste or upload to any AI tool
ChatGPT, Gemini, Copilot, Perplexity, and any other AI platform. The AI processes the sanitized content and returns its response.
06
Restore originals in one click
Paste the AI output back. GhostPrompt swaps every placeholder back to the real entity using the locally held replacement map. Your original data never left your machine.
Unique to GhostPrompt · no other tool closes this loop
Technical architecture
Under the hood.

For buyers who need to understand what actually runs on the endpoint and what does not. Implementation details finalize at beta. The architectural commitments below are binding.

Processing location
100% endpoint-local
All entity detection, classification, replacement, and restoration runs in-process on the user's machine. No document content is transmitted to GhostPrompt servers, to cloud inference providers, or to any third party during sanitization or restore operations.
Detection layer
On-device NLP pipeline
Named-entity recognition, pattern-based detection for structured identifiers (emails, phones, IDs, financials), and user-defined custom entity libraries. Models and detection logic ship with the application binary. No runtime model downloads. No cloud inference.
Replacement map
Session-local, encrypted at rest
The mapping from real entities to synthetic replacements is held in a per-session manifest on the user's device. Encrypted at rest using platform-native cryptographic primitives. Retention is controlled by the user. Never transmitted.
Network calls
One outbound path only
Periodic license validation to the GhostPrompt licensing endpoint. Payload is an anonymous device fingerprint plus license key identifier, under 200 bytes. No document data, no entity data, no telemetry. All other outbound paths are absent by design. Verifiable via standard network capture.
AI provider integration
None. Manual copy-paste only.
GhostPrompt does not integrate with AI provider APIs, does not intercept browser traffic, and does not act as a proxy. The user manually pastes the sanitized output into their chosen AI tool and manually pastes the AI response back. This is an intentional architectural choice: no integration surface means no data path GhostPrompt could leak through even in the event of its own compromise.
Platform support
Windows and macOS desktop
Native desktop application. No browser extension, no system-level hooks, no kernel drivers. Runs under the user's own account with no elevated privileges required. Full feature parity across supported platforms at v1.0.
For security reviewers
Full architecture documentation, network capture samples, and control-mapping artifacts (ITSG-33, NIST AI RMF, PIPEDA, GDPR) will be provided on request to organizations evaluating GhostPrompt for regulated deployments. Email hello@ghostprompt.io with your review scope.
Ready to protect your workflow?

500 founding seats total. Subscription-only for new users after that.

Get Early Access