Now in early access

AI privacy that runs on your device

ShieldFlow detects and redacts sensitive information, including names, SSNs, credit cards, and API keys, before your prompts reach any AI service. Everything runs locally. Your data never leaves your machine.

Free for personal usev0.1.0-betaSystem requirementsTerms of Service

How it works

A privacy layer between you and AI

ShieldFlow sits on your machine as a local proxy. When you send a prompt to any supported AI service, ShieldFlow scans it, redacts anything sensitive, and forwards the cleaned version. Responses come back through the same path, restoring context where safe. No cloud. No third-party servers. Just your device.

On-device scanning

PII detection and redaction happen locally, powered by Liquid Foundation Models. Nothing is sent to our servers.

40+ entity types

Detects names, SSNs, credit cards, API keys, medical terms, addresses, and more, across structured and unstructured text.

Works with your tools

Compatible with ChatGPT, Claude, OpenRouter, and more. No configuration needed.

Your keys stay yours

ShieldFlow inspects traffic, not credentials. API keys pass through to the services you already use. We never see them.

You decide what's sensitive

Turn any category on or off and dial detection sensitivity up or down. If names or emails aren't sensitive for your work, or redaction interrupts too often, tune it to fit. Your rules, enforced on your device.

See every decision

A local detection log shows exactly what was found and redacted, with entity types and confidence scores. Nothing is hidden, and nothing leaves your machine.

Verify it works

See it in action in 30 seconds

ShieldFlow works invisibly: your AI experience stays exactly the same, but the AI never sees your real data. To prove it, ask the AI directly whether it received your actual values or placeholder tokens. It can only answer truthfully about what it was given.

Test prompt

I'm sharing some test data: SSN 471-83-2259, email maria.t@gmail.com, and my Amex card is 3782 822463 10005. How many pieces of personal information did I just share? Do you see placeholders in brackets or actual values?

  1. 1

    Send the prompt. Open it in ChatGPT or Claude with one click, or copy and paste it into any other supported service.

  2. 2

    Check the response. The AI should confirm it sees placeholders in brackets, not your actual data, even though your screen shows the original text normally.

  3. 3

    Open the ShieldFlow dashboard to see the full detection log with entity types and confidence scores.

Pricing

Free for personal use

Personal

Free

Full on-device privacy protection. All supported AI services.

Enterprise

Chat with Our Team

Fleet deployment, admin policies, HIPAA/SOC2/GDPR profiles, audit logs, and SSO.

FAQ

Common questions

    • macOSmacOS 13 (Ventura) or later, Apple Silicon
    • WindowsWindows 10 or 11, x64
    • RAM4 GB available (the app uses ~900 MB at peak)
    • Disk~500 MB for the app and classifier model
    • GPUNot required, runs on CPU

    Intel Mac support is on our roadmap. If you're on an Intel Mac, let us know and we'll notify you when it's available.

  • ShieldFlow works with major AI services including ChatGPT, Claude, and OpenRouter, both API and web interfaces where applicable. We add new endpoints regularly. If your preferred service isn't supported yet, let us know at sales@liquid.ai and we'll prioritize it.

  • Yes. All scanning and redaction runs locally on your machine using Liquid Foundation Models. ShieldFlow does not send your prompts, responses, or any content to Liquid AI servers. We collect only anonymous usage telemetry (feature usage, crash reports) to improve the product, never the content you process.

  • ShieldFlow works invisibly: your AI experience stays exactly the same, but the AI never sees your real data. To verify, send a message containing fake sensitive data (a made-up SSN, email, credit card number) and ask the AI: 'Do you see placeholders in brackets or actual values?' The AI can only answer truthfully about what it received, and will confirm it sees placeholder tokens, not your data. The ShieldFlow dashboard also logs every detection with entity type and confidence score. Try the test prompt above.

  • ShieldFlow works as a local proxy: it inspects the content of your requests, not your credentials. Your API keys pass through to the AI services you already use. We never store, collect, or have access to them.

  • Yes. You decide exactly what's treated as sensitive. Click the settings wheel, open the Redaction tab, and check or uncheck any category — Contact, Healthcare, Developer secrets, Legal, and more. If a category interrupts too often or isn't relevant to your work, switch it off. You can also drag the Detection sensitivity slider: lower catches more borderline matches (higher recall, more false positives), higher only redacts confident matches. Save your changes and restart protection to apply them.

  • To scan encrypted traffic to AI services, ShieldFlow installs a local CA certificate on your machine. This certificate is generated on your device, unique to your installation, and never leaves your machine. Only traffic to supported AI services is inspected: all other traffic passes through untouched with its original encryption.

  • Yes. Early-release software that hasn't yet built up reputation with Microsoft's SmartScreen service will trigger this warning. Click More info, then Run anyway to proceed with the installation.

  • Use the in-app feedback button: click the settings wheel, then Feedback. If the app won't launch or install, email us at sales@liquid.ai.

Legal

Terms of Service

These Terms of Service are a binding agreement between you and Liquid AI, Inc. governing your use of ShieldFlow. By downloading, installing, or using ShieldFlow, you agree to these Terms. If you do not agree, do not install or use the Service.

Read the full Terms of Service