What Surecut Does
Surecut is a browser extension that generates personalized JavaScript scripts from natural language descriptions and injects them into web pages on your behalf. Scripts run locally in your browser.
Data We Collect
- User prompts: Your natural language descriptions are sent to the LLM provider you configure (OpenAI or DeepSeek) to generate scripts. We do not store or log these prompts on our servers.
- Current page URL: Sent along with your prompt to help generate context-aware scripts. Not stored.
- Scripts & settings: Saved locally in your browser via Chrome Storage API. Never transmitted to our servers.
- API keys: Stored locally in your browser. Never transmitted to our servers.
Data We Do NOT Collect
- Browsing history
- Personal information (name, email, etc.) — unless you join our waitlist
- Page content or DOM data
- Cookies or authentication tokens
- Any data from pages you visit
Third-Party Services
When you use the AI script generation feature, your prompt and the current page URL are sent to your configured LLM provider (OpenAI or DeepSeek). These services have their own privacy policies:
Permissions
- activeTab: To inject scripts into the current tab when you request it
- scripting: To execute generated JavaScript on web pages
- storage: To save your scripts and settings locally
- sidePanel: To display the Surecut interface
- tabs: To detect page loads and auto-inject saved scripts on matching URLs
Security
All generated scripts undergo static analysis before execution. Dangerous patterns such as eval(), external network requests, and cookie access are blocked. Scripts run in the page context but are reviewed for safety before injection.