Permissions Explained

When you install Cogumi AI Shield, Chrome shows a permissions prompt. Here's exactly what we need and why — in plain English.

Why Chrome Shows Permission Warnings

Chrome extensions can request powerful capabilities (reading all websites, accessing your webcam, etc.). Google shows warnings to help you make informed decisions.

Our philosophy: Request only the minimum permissions needed, explain exactly what they're for, and never abuse them.

Permissions We Request

1. Storage

Chrome says: "Read and change your data in chrome.storage"

What we actually do: Store your policy settings, grant history, and audit logs locally on your device (using chrome.storage.local).

What we DON'T do:

• Send this data to external servers
• Share it with third parties
• Use it for analytics

Why we need it: Without storage, your security preferences would reset every time you restart Chrome.

Example data stored:

{
  "policy": {
    "global": { "allowPII": false, "allowSecrets": false },
    "chatgpt.com": { "allowPII": true }
  },
  "auditLog": [
    {
      "timestamp": "2026-01-15T10:30:00Z",
      "agent": "ChatGPT",
      "action": "paste",
      "detection": "API key",
      "decision": "denied"
    }
  ]
}

---

2. Tabs

Chrome says: "Read your browsing history"

Misleading name. We don't read your browsing history. Here's what we actually use this for:

What we do: Check the current tab's URL to determine if you're on an AI agent site (ChatGPT, Claude, etc.).

What we DON'T do:

• Track which sites you visit
• Store browsing history
• Monitor non-AI websites

Code example (from content.ts):

// Only activate on AI agent domains
const AI_AGENTS = [
  'chatgpt.com',
  'claude.ai',
  'bard.google.com',
  'copilot.microsoft.com',
  // ...
];

const currentDomain = new URL(window.location.href).hostname;
if (!AI_AGENTS.includes(currentDomain)) {
  return; // Extension does nothing on non-AI sites
}

Why we need it: To apply the right policy (you might trust your company's internal chatbot but not ChatGPT).

---

3. Host Permissions (https://*/*)

Chrome says: "Read and change all your data on all websites"

Extremely misleading. This is the scariest permission, but here's the reality:

What we do: Inject a content script that intercepts paste events only on AI agent sites.

What we DON'T do:

• Monitor all websites (we only activate on known AI agents)
• Read page contents (we only listen for paste/upload events)
• Modify websites (no ad injection, no tracking pixels)

Full list of domains where we activate:

• chatgpt.com (ChatGPT)
• claude.ai (Anthropic Claude)
• bard.google.com (Google Gemini)
• copilot.microsoft.com (GitHub Copilot)
• poe.com (Poe multi-agent chat)
• huggingface.co (HuggingFace Chat)
• perplexity.ai (Perplexity AI)
• you.com (You.com AI)
• character.ai (Character.AI)

Why we request https://*/* instead of specific domains:

Chrome requires "broad host permissions" for extensions that use content scripts. If we listed only specific domains, the extension would break when:

• New AI agents launch (Gemini, Llama, future tools)
• AI companies change their domains (chatgpt.com → chat.openai.com)
• You use a self-hosted AI agent (company internal tool)

Mitigation: Our code explicitly checks the domain before activating. You can inspect the extension's behavior using Chrome DevTools (Network tab shows zero external requests).

---

4. Idle

Chrome says: "Read and change your idle state"

What we do: Detect when you're away from your computer to auto-revoke time-limited grants.

Example:

1. You allow ChatGPT to access API keys for "10 minutes"
2. You walk away from your desk for 15 minutes
3. The idle detector sees you've been inactive
4. The grant is revoked (next paste will re-prompt)

What we DON'T do:

• Track your activity patterns
• Report idle time to external servers
• Use it for analytics

chrome.idle.queryState(60, (state) => {
  if (state === 'locked' || state === 'idle') {
    revokeExpiredGrants(); // Clear old permissions
  }
});

Why we need it: Without this, a "10-minute grant" would last forever if you never closed Chrome.

---

Permissions We DON'T Request

To demonstrate our commitment to privacy, here are powerful permissions we deliberately avoid:

Cookies

We don't read or modify cookies (no session hijacking).

WebRequest (Network Interception)

We don't intercept network traffic (no HTTPS decryption, no MITM).

Clipboard Read (Unrestricted)

We only read the clipboard when you paste (event-driven, not constant polling).

Downloads

We don't access your downloads (except when you export audit logs, which uses Chrome's standard "Save As" dialog).

Geolocation

We don't care where you are.

Microphone / Camera

Absolutely not.

---

How to Verify Our Claims

You can monitor the extension's behavior using Chrome DevTools:

1. Check network activity:

• Open Chrome DevTools (F12)
• Go to Network tab
• Use the extension
• Expected: Zero external network requests (except to AI agent domains you're using)

2. Inspect storage:

• DevTools → Application → Storage → Extensions → Cogumi AI Shield
• View stored data (policies, audit logs - all local)

3. Review permissions:

The extension manifest lists all requested permissions:

{
  "permissions": [
    "storage",
    "tabs",
    "idle"
  ],
  "host_permissions": [
    "https://*/*"
  ]
}

---

Comparison: Cogumi vs. Traditional Enterprise DLP

Permission	Cogumi AI Shield (Agentic Security)	Typical Enterprise DLP (Traditional)	Why Cogumi Needs Less
Network Access	No	Yes (intercepts HTTPS)	Local-first architecture
All Websites	Yes (but only activates on AI agents)	Yes	We filter by domain in code
Cookies	No	Yes	We don't need session tracking
Browsing History	No	Yes	We only check current tab URL
WebRequest	No	Yes (MITM proxy)	No TLS interception needed

Why traditional DLP tools need more permissions:

• They intercept all network traffic (HTTPS MITM)
• They send data to cloud APIs for classification
• They track user behavior for compliance reports

Why Cogumi needs less:

• Local-first detection (no cloud API calls)
• Domain-filtered activation (only AI agents)
• Agent-aware enforcement (policy decisions happen at the point of interaction)
• Privacy by design (no telemetry infrastructure)

---

Future Permission Requests

If we ever need additional permissions (e.g., for a new feature), we'll:

1. Announce it in the Options Console (in-app notification)
2. Explain why (detailed blog post)
3. Make it optional (disable the feature if you don't approve the permission)
4. Update this page (maintain transparency)

Promise: We will never add analytics, telemetry, or network permissions without explicit user consent.