Guide · Updated 2026 · 6 min read
How to stop employees pasting secrets into ChatGPT and other AI tools
Employees paste code, credentials, customer data, and confidential documents into AI tools every day — usually to move faster, rarely with bad intent. The result is the same either way: regulated data leaves your control and lands with a third-party AI provider. This guide covers why it happens and the controls that reliably stop it.
Why AI prompt leaks are different from normal DLP
Traditional DLP watches email, file shares, and cloud storage. AI prompt leaks bypass all of that: the data goes straight from a browser tab to an AI provider's API over HTTPS, never touching the channels legacy DLP inspects.
The leak is also invisible after the fact. Once a prompt is sent, you have no record of what left — no sent-mail copy, no uploaded-file log. Prevention has to happen at the moment of submission, in the browser, or it doesn't happen at all.
What employees actually leak
Across real deployments the same categories show up again and again:
- Source code, stack traces, and config files pasted for debugging — often carrying API keys and secrets
- Cloud credentials: AWS access keys, OAuth tokens, database connection strings
- Customer and employee PII: SSNs, credit-card numbers, personal records
- Confidential documents dropped in as file uploads — contracts, financials, roadmaps
Controls that don't work well (and why)
Blocking AI tools outright fails: employees route around it on personal devices and you lose the productivity anyway. Network proxies and CASBs can see the domain but struggle to inspect encrypted prompt content without heavy MITM infrastructure, and they don't understand file uploads inside a chat.
Policy-and-training helps set expectations but stops nothing in the moment. Post-hoc SaaS scanners discover exposure after the data has already been shared — useful for audit, useless for prevention.
The control that works: browser-level interception
The only place you can reliably scan a prompt is where it's written — the browser. A managed browser extension can patch the page's network calls, read the prompt and any attached files before they send, scan them against your DLP rules, and block anything that matches.
This is exactly what Slopfence does. It runs on ChatGPT, Claude, Gemini and other AI tools, extracts text from uploaded Office and PDF files, scans against ten built-in policies plus your custom rules, and blocks or logs in under a second — with no proxy, no VPN, and no traffic rerouted through external servers.
A rollout that takes an afternoon
A pragmatic sequence for getting real coverage quickly:
- Deploy the browser extension via Chrome/Edge GPO or your MDM, pre-configured for your org
- Start with the ten default policies (SSNs, cards, AWS keys, PII) active on install
- Run in alert-only mode for a week to baseline what your team is actually sending
- Switch high-severity rules to block, and scope stricter rules to Finance, Legal, and Engineering
- Review the audit trail regularly and tune custom rules and fingerprints
Frequently asked
How do I stop employees pasting secrets into ChatGPT?
Deploy a managed browser extension that scans prompts at the moment of submission. Slopfence patches the browser network layer on ChatGPT and other AI tools, scans each prompt and file against your DLP rules, and blocks anything matching — client-side, in real time, with no proxy or VPN.
Can't I just block ChatGPT on the network?
Blocking pushes employees to personal devices and forfeits the productivity. A better approach is to allow AI tools but scan and block only the sensitive content, which keeps the tool usable while preventing leaks.
Does this require a proxy or MITM certificate?
No. Browser-level interception patches the page's own fetch and XHR calls, so there's no certificate to install and no network rerouting. Detection happens in the same tab the user typed in.
Keep reading: how Slopfence works · DLP for ChatGPT
