Browser extension support

Public support reference for NeutralAI Interceptor

This is the canonical support page for browser store review, self-serve installs, and enterprise rollout conversations. It explains the extension’s limited purpose, requested permissions, and the NeutralAI-owned app and API surfaces it interacts with.

Requested permissions

storage

Used to store extension settings, managed policy values, cached auth state, and a bounded retry buffer for telemetry delivery.

activeTab

Used to scope extension interaction to the active supported AI tab when the user opens the popup, instead of requesting broad access to all browsing activity.

scripting

Used to run the extension’s packaged content-script logic on supported AI web apps so sensitive prompt content can be detected and masked before submission.

alarms

Used to schedule lightweight background tasks such as remote configuration refresh and telemetry retry or flush without constant background polling.

tabs

Used to open the NeutralAI sign-in page when an unmanaged user chooses to authenticate from the extension popup.

Support contact

Need help or a review response?

support@neutralai.co.uk
Install pagePrivacy page/.well-known/security.txt

Review notes

Host permissions are limited to supported AI web applications where prompt masking runs, plus NeutralAI-owned app and API domains used for session detection, auth context, masking, remote configuration, and telemetry.

The extension does not use remotely hosted executable code. All executable logic is packaged in the extension bundle. Network requests are only made to NeutralAI APIs for session detection, auth context, masking, remote configuration, and telemetry.

Self-serve users authenticate through the NeutralAI app sign-in path, while enterprise customers can deploy managed policies and force-install the extension through browser management tooling.

Self-serve auth flow

Public app and API endpoints

  • https://app.neutralai.co.uk/auth/signin
  • https://app.neutralai.co.uk/api/auth/session
  • https://app.neutralai.co.uk/api/extension/auth-context
  • https://api.neutralai.co.uk/v1/shield/mask
  • https://api.neutralai.co.uk/api/v1/extension/config
  • https://api.neutralai.co.uk/api/v1/extension/telemetry

Enterprise rollout

Policy-managed deployment

Enterprise customers can deploy NeutralAI Interceptor with managed browser policies so the extension is force-installed, pinned, and locked to organization-controlled NeutralAI endpoints.

That rollout path is separate from self-serve sign-in and is the recommended approach for regulated teams or centrally managed browser fleets.

Review install options