Quick Start
From zero to full AI visibility in 5 minutes.
Scan your AI chat history
See what secrets are already in your AI prompts. Takes 15 seconds.
Requires Python 3.8+. Scans Claude, Cursor, Copilot, ChatGPT, and 35+ more AI tools. 100% local.
Install the proxy
The proxy sits between your AI tools and the internet. It scans every request in real-time.
What install.sh does:
- 1. Downloads the CitrusGlaze binary for your platform
- 2. Generates a local root CA certificate
- 3. Prompts you to trust the CA (required for HTTPS inspection)
- 4. Installs the nono sandbox for filesystem/process isolation
- 5. Creates the configuration at
~/.citrusglaze/
Use your AI tools normally
The proxy intercepts AI traffic transparently. Use your tools as usual.
What it detects
CRITICAL
- AWS access keys & secret keys
- RSA/EC/Ed25519 private keys
- Database connection URIs
- GCP service account keys
- Azure subscription keys
HIGH
- GitHub/GitLab/Bitbucket tokens
- Slack/Discord webhooks & tokens
- Stripe/PayPal API keys
- JWT tokens
- OpenAI/Anthropic/Google AI keys
254+ total patterns. Full list in the GitHub repo.
Compatible AI tools
15/15 end-to-end compatibility tests pass. Zero performance degradation.
Troubleshooting
Certificate trust error ▾
The proxy needs a trusted root CA to inspect HTTPS traffic. Run:
This adds the CitrusGlaze CA to your system keychain. You'll be prompted for your macOS password.
Tool not working through the proxy ▾
Some tools use custom certificate stores. Set the environment variable:
Or use citrusglaze wrap which sets these automatically.
Proxy not starting ▾
Check if port 8888 is already in use:
If another process is using the port, stop it or configure a different port in ~/.citrusglaze/config.toml.