ChatShield

Help & Documentation

Everything you need to set up ChatShield, run your team, and get the most out of the dashboard. If you can't find an answer here, email hello@chatshield.ai.

Getting Started

ChatShield is a data loss prevention and AI governance tool. It runs as a browser extension that sits between your staff and the AI tools they use day-to-day, so sensitive business data doesn't accidentally leave the company in a chat window.

What ChatShield does

When a member of staff sends a message in ChatGPT or Claude, the extension intercepts the submission, checks the message against your organisation's rules, and either lets it through, warns the sender, or blocks the message entirely. The check happens locally in the browser before the message is ever transmitted to the AI tool.

What ChatShield does not do

  • It does not scan file uploads. Anything dragged into a ChatGPT or Claude conversation as an attachment is not inspected. We surface a small banner in the conversation as a reminder, but we don't block the upload.
  • It does not store message content. Message text never leaves your browser. ChatShield only receives metadata: which rule triggered, which AI tool, the action taken, and a timestamp.
  • It is not an airtight security perimeter. Staff who want to bypass it can use a different browser, disable the extension, or paste content into an unsupported tool. ChatShield is a governance and training layer, not a hard control.

Supported browsers

Chrome and Edge.

Supported AI platforms

ChatGPT (chat.openai.com) and Claude (claude.ai).

Setting Up Your Account

Signing up

Head to the signup page, enter your work email, and create your organisation. We send a magic link to verify the address. Click it and you're in. A card is collected up front to start the 14-day free trial, but you're not charged until the trial ends.

The three-step onboarding wizard

  1. Review your rules. Every organisation starts with a set of built-in rules covering UK PII, financial details, credentials, and company identifiers. They're enabled by default. Toggle off anything that isn't relevant to your business.
  2. Invite a team member. Send at least one staff invite during onboarding. Your dashboard fills with real activity much faster when there's a teammate using the extension.
  3. Install the extension. We link out to the Chrome Web Store and Microsoft Edge Add-ons. Install it on the same browser you signed up with, then return to the dashboard.

The ChatShield onboarding wizard on step 2, showing the 'Invite a team member' card with an email address input, an optional name field, a primary 'Send invite' button, and a 'Skip for now' link.
Step 2 of the onboarding wizard. Send the first staff invite without leaving the flow.

What to expect on day one

Your dashboard will sit mostly empty until staff start sending messages in ChatGPT or Claude. The first activity event usually appears within a few minutes of an attempted block. Until then, you can spend the time tuning rules and inviting the rest of your team.

Accessing the dashboard

The admin dashboard lives at chatshield.ai/dashboard. We don't use passwords. Every sign-in is a fresh magic link sent to your admin email address. The link expires after 15 minutes, so always click it from the same device you requested it on.

Inviting Your Team

Sending an invite

Head to the Team page in the dashboard. Add a name and email and click Send invite. The staff member receives an email with a unique invite link.

What the staff member sees

The link opens a splash page on chatshield.ai with two checkboxes:

  • Extension installed. Ticks as soon as the extension is detected in the browser. If it's missing, the page shows install buttons for Chrome and Edge.
  • Account connected. Ticks once the extension has paired itself to the invite token. This happens automatically when both boxes can be ticked.

The ChatShield invite splash page that a staff member opens from their invite email. The heading reads 'Join Meridian Legal LLP on ChatShield' with the staff member's email underneath. Two cards sit below: 'Extension installed' with an empty circle indicator and install buttons for the Chrome Web Store and Edge Add-ons, and 'Account connected' with an empty circle indicator and the note 'The extension will connect your account automatically once installed.'
The invite splash page that a staff member opens. Both ticks fill in automatically as soon as the extension is installed and detects the page.

Once both ticks are green, the staff member is set. They don't need to log in to ChatShield ever again. The extension carries the connection. To confirm at any point, click the ChatShield icon in the browser toolbar. A connected popup shows their email, the org name, and the LLM platforms being monitored.

The ChatShield browser extension popup pinned to the toolbar of a ChatGPT tab. Heading reads 'ChatShield' with a green 'Connected' indicator. Below: the staff member's email (olivia.pemberton@meridianlegal.co.uk), the organisation name (Meridian Legal), a 'MONITORING' section with two pills (ChatGPT and Claude), and a 'Sign out' button.
The popup when the extension is paired. Staff can confirm their org and which AI platforms are protected at a glance.

Connection statuses

  • Connected. Extension installed and paired. Messages are being scanned.
  • Pending. Invite sent, link not yet opened or extension not installed.
  • Disconnected. Extension was paired before but is no longer reporting in, usually because it was uninstalled or the token was cleared.

Resending an invite

On the Team page, the row of any staff member with a Pending or Disconnected status shows a Resend action. Click it to send a fresh invite email. The original invite link stays valid for reconnection by the same user, so they can also just open the original email again.

Troubleshooting: extension installed but not connecting

Ask the staff member to open the invite link again from their inbox. Make sure they open it in the same browser the extension is installed in. If Chrome has the extension and they click the link in Edge, it won't pair.

Managing Rules

Built-in rules

ChatShield ships with a default set of rules, grouped into four categories:

  • PII. Email addresses, UK phone numbers, postcodes, National Insurance numbers.
  • Financial. Payment card numbers, UK sort codes, IBANs.
  • Credentials. Common API key patterns, database connection strings.
  • Company. UK VAT numbers, Companies House registration numbers.

Toggling rules on and off

On the Rules page, every built-in rule has an enable/disable switch. Disabled rules don't fire. The message passes through as if the rule didn't exist. Changes take effect the next time the extension pulls its config (within about two minutes).

Changing severity

Each rule has one of three severities:

  • Block. The message cannot be sent. Staff must edit the message and resubmit.
  • Block with override. The message is blocked by default, but staff can click Send anyway to push it through. Overrides are flagged to you on the activity log.
  • Warn. A non-blocking notice. Staff can dismiss and proceed.

Custom rules

Add your own rules from the Custom Rules section at the bottom of the Rules page. Click Add Rule to open the rule builder. Each custom rule needs a name, one or more keywords or phrases, a category, and a severity. You can also write a custom block message that staff will see when the rule fires, and an allow list of values you want this rule to ignore.

The Create Custom Rule dialog open over the Rules page. Fields visible top-to-bottom: Name input with placeholder 'e.g. Internal Project Code', Keywords or phrases input with placeholder 'Type a keyword and press Enter, e.g. Project Aurora', a Case sensitive toggle (off), a Whole word match toggle (off), Category dropdown set to Custom, Severity dropdown set to Block, Allow list input, and Block Message textarea. Cancel and Create Rule buttons sit at the bottom.
The custom rule builder. Add keywords, pick a category and severity, and decide how strictly matches should be made.

Two toggles control how strictly keywords are matched, and both are off by default:

  • Case sensitive. When off, Aurora also matches aurora and AURORA.
  • Whole word match. When on, a keyword only matches when it stands alone. Acme would match Acme but not acmedemo. When off (the default), substring matches fire as well.

The Rules page scrolled to the Custom Rules section. The Client Reference custom rule is visible with a Block severity badge, the custom block message, and an enabled toggle. The end of the built-in Credentials and Company sections is visible above for context.
Once saved, custom rules appear at the bottom of the Rules page alongside the built-ins.

The allow list

Every rule has an allow list: values that will never trigger the rule even if the pattern matches them. Useful when a built-in rule is catching internal addresses or numbers you're happy to share with the AI tool.

Allow list entries are matched case-insensitively as exact strings. On the built-in email rule, the wildcard *@yourcompany.com matches any email address at that domain.
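
The matching behaviour described in this section (the two keyword toggles, the case-insensitive exact-string allow list, and the *@yourcompany.com wildcard on the email rule) can be sketched as follows. This is an added example, not ChatShield's own code: the function names, the rule object fields, the severity strings and the simplified email pattern are all assumptions.

```javascript
// Added illustration, not ChatShield's implementation. All names are hypothetical.

// Simplified stand-in for the built-in email rule (assumption, not the product's pattern).
const EMAIL = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;

// Escape a keyword so it is matched literally inside a RegExp.
function escapeRegExp(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// One pattern per keyword, honouring the Case sensitive and Whole word match toggles.
// "Stands alone" is read here as: no letter, digit or underscore on either side.
function keywordPattern(keyword, { caseSensitive = false, wholeWord = false } = {}) {
  const body = escapeRegExp(keyword);
  const source = wholeWord ? `(?<![A-Za-z0-9_])${body}(?![A-Za-z0-9_])` : body;
  return new RegExp(source, caseSensitive ? "g" : "gi");
}

// Allow list: case-insensitive exact match; "*@domain" is honoured on the email rule only.
function isAllowed(value, allowList, isEmailRule) {
  const v = value.toLowerCase();
  return allowList.some((entry) => {
    const e = entry.toLowerCase();
    if (isEmailRule && e.startsWith("*@")) {
      const suffix = e.slice(1); // "@yourcompany.com"
      // Anchor on the end of the address so a look-alike such as
      // user@yourcompany.com.evil.example is not treated as internal.
      return v.length > suffix.length && v.endsWith(suffix);
    }
    return v === e;
  });
}

// Return every match in `message` that survives the rule's allow list.
function evaluateRule(rule, message) {
  if (rule.enabled === false) return []; // disabled rules do not fire
  const patterns = rule.pattern ? [rule.pattern] : rule.keywords.map((k) => keywordPattern(k, rule));
  const hits = [];
  for (const re of patterns) {
    for (const m of message.matchAll(re)) {
      if (!isAllowed(m[0], rule.allowList || [], rule.pattern === EMAIL)) {
        hits.push({ rule: rule.name, severity: rule.severity, value: m[0], index: m.index });
      }
    }
  }
  return hits;
}

// Scan one message against every rule; hits are ordered by position in the message.
function scanMessage(message, rules) {
  return rules.flatMap((r) => evaluateRule(r, message)).sort((a, b) => a.index - b.index);
}

// Constructed sample rules and message.
const RULES = [
  { name: "Email Address", pattern: EMAIL, severity: "block_with_override", allowList: ["*@yourcompany.com"] },
  { name: "Internal Project Code", keywords: ["Project Aurora", "Acme"], wholeWord: true, severity: "block", allowList: [] },
];
const SAMPLE = "Send the project aurora deck to alice@yourcompany.com and bob@example.org, not acmedemo.";
console.log(scanMessage(SAMPLE, RULES));
```

With whole word match on, acmedemo does not fire; the internal address is suppressed by the wildcard while the external one is reported.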

What happens when a rule triggers

Staff see a centred overlay in the AI tool with the rule name and the detected content highlighted. You see an activity event on the dashboard immediately, naming the rule, the staff member, and the action they took.

Understanding Blocks and Warnings

What staff see when a message is blocked

A centred overlay appears in the AI tool. It dims the chat behind it so it's clear the submission is paused. The overlay names each rule that matched (for example, UK Phone Number or National Insurance Number), repeats the rule's short block message, and highlights the triggering text from the message so the staff member can see exactly what to remove. The submission does not go through. The AI tool never receives it.

The ChatShield block overlay open on ChatGPT. Heading reads 'Message Blocked' in red. Two stacked rule cards inside the overlay: 'UK Phone Number' with detected value 07911 123456, and 'National Insurance Number' with detected value AB123456C. A primary 'Edit message' button sits at the bottom alongside a smaller 'Report a mistake' link. The dimmed ChatGPT conversation is visible behind the overlay.
A block triggered by two rules at once. The overlay lists every match so staff know exactly what needs editing out.

Editing and resending

Staff close the overlay, edit the message to remove the offending content, and submit again. The extension re-evaluates from scratch on the new submission.

The override flow

Rules set to block with override show a Send anyway button next to Edit message. Clicking it requires explicit confirmation before the message goes through. The action is logged as an overridden event on the dashboard, so admins can see who overrode which rule and when.

The ChatShield block overlay on ChatGPT for a rule configured as block-with-override. The Email Address rule has caught j.harrison@northlakedevelopments.co.uk and the overlay shows a blue 'Edit message' button alongside a red 'Send anyway' button, with a small 'Report a mistake' link beneath both. The dimmed message draft asking ChatGPT to write a follow-up email is visible behind the overlay.
Block with override severity. Staff can still proceed by clicking Send anyway, and the override is logged to the admin dashboard.

Reporting a false positive

Every block UI includes a Report a mistake link. Clicking it plays a brief tick animation in the overlay and logs the event as a false_positive action. The rule still prevented the submission. False positive reports don't unblock the message; they just help admins know which rules need tuning.

No message content is sent when a false positive is reported. The event records only the rule ID and timestamp.

Warn severity

Warn rules show an amber overlay instead of the red block one. Staff see the rule name, the detected text, and two equal-weight buttons: Edit message and Send anyway. The amber treatment signals “this might be sensitive, take a second look”, whereas the red overlay signals “this cannot leave the company”. The action is logged as a warned event whether staff edit the message or send anyway.

The ChatShield warn overlay on ChatGPT. Heading reads 'Sensitive Data Warning' in amber. Inside the overlay a UK VAT Number card shows the detected value GB123456789. Two buttons at the bottom: a blue 'Edit message' and an amber 'Send anyway'. The dimmed conversation behind shows the user drafting a procurement appendix that mentions the VAT number.
Warn severity uses amber instead of red and always offers Send anyway. Use it for fields where context matters more than a hard block.

The file upload banner

When staff drag a file into a ChatGPT or Claude conversation, a thin informational banner appears at the top of the conversation reminding them that file contents are not scanned by ChatShield. It does not block the upload. It is purely a reminder.

Reading Your Dashboard

The ChatShield admin dashboard for an organisation called Meridian Legal LLP. Six metric cards across the top read Total Messages 234, Blocked 25, Warned 7, Overridden 4, False Positives 2, and Block Rate 11%. An Activity Trend line chart underneath plots the last seven days.
The dashboard at a glance: messaging volume, action breakdown, and the trend chart.

Top-of-page metrics

  • Total messages. Every submission attempt across your organisation, regardless of outcome.
  • Blocked. Submissions stopped by a rule. Includes block-with-override events where staff did not override.
  • Warned. Submissions that fired a warn-severity rule and were sent after dismissing the warning.
  • Overridden. Block-with-override events where staff clicked Send anyway and pushed the message through.
  • False positives. Blocks that staff reported as a mistake using the Report a mistake link.
  • Block rate. Blocked over total messages, expressed as a percentage.

Top triggered rules

A leaderboard of which rules fire most often in your organisation. Worth checking weekly. If one rule is firing far more than the others, it's usually a sign the rule needs tuning or staff need a nudge. The card also surfaces a False +ve column so you can see, at a glance, which rules staff disagree with most.

Top users by infractions

Lists the staff members with the most rule triggers in the period, with a separate column counting how often each person clicked Send anyway. Useful for spotting people who could benefit from extra training. The list isn't a punishment tool. It's a prompt to have a conversation.

The bottom half of the ChatShield dashboard. The Activity Trend chart spans the top, with two cards beneath: Top Triggered Rules (showing Email Address with 12 triggers, Client Reference with 7 triggers and 2 false positives, UK Phone Number with 6, UK Postcode with 3, and National Insurance Number with 3) and Top Users by Infractions (showing James Mitchell with 9 infractions and 1 override, Priya Shah with 8 and 2 overrides, Rebecca Doyle with 5, Daniel Brooks with 4, and Amelia Okafor with 3 and 1 override).
The Top Triggered Rules and Top Users by Infractions cards sit below the chart on the dashboard.

The activity log

A full list of every event, filterable by user, rule, action type, and date range. The action column carries one of five values:

  • blocked. Rule fired, submission prevented.
  • warned. Rule fired with warn severity, staff chose to proceed.
  • sent. Message went through with no rule match.
  • overridden. Block-with-override severity, staff clicked Send anyway.
  • false_positive. Staff reported the block as a mistake.

Activity entries only record metadata: which rule, which AI tool, which user, what action, and when. No message content is stored.

The Activity page filtered to blocked actions. The table lists individual blocked submissions with a timestamp, the staff member's name, the target AI tool (ChatGPT or Claude), a red Blocked status pill, and the rule that fired (including the Client Reference custom rule, NI Number, Email Address, UK Phone Number, Payment Card Number, and API Key).
The activity log with the action filter set to Blocked. Each row tells you who, what, where, and which rule.

The false positives page

A dedicated view of rules with high false-positive rates, calculated as false positive reports over total triggers. If a rule has a consistently high false positive rate, consider:

  • Lowering its severity from block to block with override or warn.
  • Adding the most common false matches to the rule's allow list.
  • Refining the rule's keywords (custom rules only).

The False Positives page. The header cards report 2 total false positives, 1 rule affected, and a highest FP rate of 29 percent. The table sorts every rule with activity by FP rate, with the Client Reference custom rule at the top (7 triggers, 2 false positives, 29 percent), followed by rules with zero false positives.
The False Positives page ranks every rule by how often staff have reported a block as a mistake.

Managing Your Team

The Team page showing the members table for an organisation with 9 staff. The columns are Member, Role, Status, Flagged, Joined, and Actions. The table includes one Admin (Sarah Kendall), a Staff member flagged for training (James Mitchell), four more Connected staff, two Pending staff with Resend buttons (Olivia Pemberton and Marcus Lin), and one Disconnected staff member (Rebecca Doyle).
The Team page with the full status mix: Connected, Pending, Disconnected, and one Flagged for training.

Seats used vs connected

A seat is a staff member you've invited and are being billed for. A connected seat is one where the extension is paired and reporting in. The Team page header shows both. Gaps between them are usually staff who haven't finished installing the extension.

Flagged for training

A staff member can be flagged for training in two ways:

  • Automatic. 5 or more rule infractions in any rolling 7-day window.
  • Manual. An admin clicks Flag for training on the staff member's row.
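
For admins who want to reproduce the automatic flag and the false positive rate from activity-log metadata, the two calculations look like this. It is an added example, not ChatShield code: the event shape, the function names, the choice to count blocked, warned and overridden events as triggers, and the treatment of events exactly 7 days apart as falling outside one window are assumptions.

```javascript
// Added illustration, not ChatShield code. The event shape and the choice to count
// blocked, warned and overridden events as rule triggers are assumptions.
const DAY_MS = 24 * 60 * 60 * 1000;
const TRIGGER_ACTIONS = new Set(["blocked", "warned", "overridden"]);

// Users with `threshold` or more triggers inside any rolling window of `windowDays`.
function usersToFlag(events, { threshold = 5, windowDays = 7 } = {}) {
  const timesByUser = new Map();
  for (const e of events) {
    const t = Date.parse(e.timestamp);
    if (!TRIGGER_ACTIONS.has(e.action) || Number.isNaN(t)) continue;
    if (!timesByUser.has(e.user)) timesByUser.set(e.user, []);
    timesByUser.get(e.user).push(t);
  }
  const flagged = [];
  for (const [user, times] of timesByUser) {
    times.sort((a, b) => a - b);
    let start = 0;
    for (let end = 0; end < times.length; end++) {
      // Shrink from the left until the window spans less than windowDays.
      while (times[end] - times[start] >= windowDays * DAY_MS) start++;
      if (end - start + 1 >= threshold) {
        flagged.push({ user, count: end - start + 1, windowStart: new Date(times[start]).toISOString() });
        break;
      }
    }
  }
  return flagged;
}

// False positive rate per rule: false_positive reports over total triggers, in whole percent.
function fpRateByRule(events) {
  const stats = new Map();
  for (const e of events) {
    const s = stats.get(e.rule) || { triggers: 0, falsePositives: 0 };
    if (TRIGGER_ACTIONS.has(e.action)) s.triggers++;
    if (e.action === "false_positive") s.falsePositives++;
    stats.set(e.rule, s);
  }
  return [...stats]
    .filter(([, s]) => s.triggers > 0) // also drops "sent" events, which carry no rule
    .map(([rule, s]) => ({ rule, ...s, ratePct: Math.round((100 * s.falsePositives) / s.triggers) }))
    .sort((a, b) => b.ratePct - a.ratePct);
}

// Constructed sample: user a has 5 blocks within 7 days; user b's 5 blocks span exactly 7 days.
const onDays = (user, dayList) => dayList.map((d) => ({
  user, rule: "Email Address", action: "blocked", timestamp: `2024-03-0${d}T09:00:00Z`,
}));
const SAMPLE_EVENTS = [
  ...onDays("a@example.org", [1, 2, 3, 5, 7]),
  ...onDays("b@example.org", [1, 3, 5, 7, 8]),
  { user: "a@example.org", rule: "Email Address", action: "false_positive", timestamp: "2024-03-02T09:01:00Z" },
];
console.log(usersToFlag(SAMPLE_EVENTS), fpRateByRule(SAMPLE_EVENTS));
```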

What happens when a user is flagged

Admins receive an email notification. Optionally, the staff member receives a templated email explaining what was triggered and pointing them at training material. Toggle this on the Settings page if you want staff notified directly.

Unflagging

Open the staff member's row and click Unflag. The flag also drops off automatically if no further infractions occur for the next 7 days.

Adding and removing team members

Add via the Invite button on the Team page. Remove via the Remove button on a staff row. This revokes their extension token immediately, stops them from reconnecting on the existing invite link, and frees up their seat. Removed users keep their activity history for admin reporting, and you can re-invite them later if needed. The user record itself can be permanently deleted on request.

10+ seats

ChatShield's self-serve flow caps automated signup at 10 seats. Above that, click the Contact us button on the billing page. We'll get back to you within one business day to set up a larger plan.

Billing

Trial period

Every new organisation gets a 14-day free trial. A card is required at signup so there's no interruption when the trial ends. You won't be charged until day 15.

What happens at trial end

On day 15, Stripe automatically charges the card on file for the plan you signed up to. The first invoice covers your first paid month. If you cancel before the trial ends, no charge is made.

Changing your plan

Open the Billing page and click Manage subscription. This opens the Stripe customer portal, where you can switch between monthly and annual billing, change plan, or update payment details. Annual billing gives you two months free compared to monthly.

Adding or removing seats

Inviting a staff member from the Team page automatically increases your seat count on Stripe. Removing a staff member decreases it on the next billing cycle. There's no minimum lock-in. You can drop seats whenever you like, subject to your plan's minimum seat count.

Cancelling

Open Stripe's customer portal from the billing page and click Cancel subscription. Your team keeps access until the end of the current billing period, at which point all extension connections are revoked and the dashboard becomes read-only.

Referral programme

Every organisation gets a unique referral link from the Referral page in the dashboard.

  • For you (the referrer). One free month of ChatShield, applied as Stripe credit, for every referral that completes their trial and makes a first payment.
  • For the referred org. 50% off their first month when they sign up through your link.

Credit is applied automatically: no codes to copy, no claims to file. There's no cap on referrals.

Common Questions

Why is the extension not connecting?

The fastest check is the ChatShield extension icon in the browser toolbar. Click it. If the popup looks like the one below, the extension is installed but has never been paired to your org.

The ChatShield extension popup in its not-connected state. Heading reads 'You are not connected'. Body text: 'Check your email for your ChatShield invite link. Opening it will connect your account automatically.' Below that a smaller note: 'No invite yet? Ask your admin to invite you from the ChatShield dashboard.' At the bottom: a 'Sign up at chatshield.ai' link.
What the popup looks like when the extension has not been paired yet.

Ask the staff member to open their original invite link from their inbox, in the same browser the extension is installed in. The connection happens automatically once both checkboxes on the splash page can tick. After that, clicking the icon should show a green Connected indicator with the org name underneath.

Why did something get blocked that shouldn't have?

Two options. Staff can click Report a mistake in the block overlay. This logs a false positive event you can review on the dashboard. Admins can also add the specific value (or, for email rules, the entire domain via *@yourcompany.com) to the rule's allow list, so that exact value stops triggering the rule.

My team installed the extension but nothing shows in the dashboard.

Open the Team page and check each staff member's connection status. A green Connected pill means the extension has paired successfully. If everyone is connected and the dashboard is still empty, it means nobody has triggered a rule yet. Try sending an obviously-blocked test message (for example, a fake email address) in ChatGPT to confirm.

Does ChatShield work in incognito mode?

Not by default. Chrome and Edge disable extensions in incognito sessions. Staff can manually allow the ChatShield extension in incognito via their browser's extension settings, but we generally recommend treating incognito sessions as out of scope for governance.

What browsers are supported?

Chrome and Edge. Brave also works because it's Chromium-based. Install from the Chrome Web Store.

Does ChatShield read my messages?

Message content is evaluated locally inside the browser extension and is never sent to ChatShield servers. Only metadata leaves the browser: which rule fired, which AI tool was in use, what action was taken (blocked, warned, sent, overridden, or false positive), and a timestamp. No text from your messages is stored, logged, or transmitted, not even in hashed or truncated form.