Home About Dashboard Privacy Support GitHub
Legal

Privacy Policy

Last updated: March 2026

TLDR FSB operates entirely within your browser. No browsing data is collected. API keys are encrypted locally with AES-GCM. AI calls go directly from your browser to the provider you choose. The optional relay server for Background Agents stores only run metadata, never page content. Memory data stays on your device. Everything is open source and auditable.

Data Collection

FSB operates entirely within your browser. The extension only accesses the DOM (Document Object Model) of the currently active tab when you initiate an automation task.

  • No browsing history is collected or stored beyond the current session
  • DOM data is analyzed locally and discarded after each automation step
  • No personal information is harvested from pages you visit

Data Storage

All settings and data are stored locally in Chrome's extension storage. FSB uses AES-GCM encryption for sensitive data like API keys.

  • Configuration is stored in chrome.storage.local
  • API keys are encrypted before storage using AES-GCM
  • Session logs are stored locally and can be cleared at any time
  • Analytics data (task counts, success rates) stays on your device

External Services

FSB communicates with external AI providers only when you configure and use them. The choice of provider and what data is sent is under your control.

  • API calls are made only to the provider you select (xAI, OpenAI, Anthropic, Google, or OpenRouter)
  • Sent data includes: task description, DOM structure summary, and action context
  • If you use the Remote Dashboard or Background Agents sync, an optional relay server handles WebSocket messages and stores agent run metadata (task name, cost, duration, success/fail). No page content, DOM data, or AI responses are stored on the server. This is opt-in only
  • Each provider has their own privacy policy governing how they handle API requests

No Tracking

FSB does not include any analytics, telemetry, or tracking services. There are no cookies, no fingerprinting, and no third-party scripts beyond the AI provider APIs you explicitly configure.

API Keys

Your API keys are encrypted locally using AES-GCM before being stored. They are never transmitted anywhere except to the AI provider you configured, and only as authentication headers in API requests.

  • Keys are encrypted at rest in Chrome storage
  • Decryption only happens in-memory when making API calls
  • Keys are never logged, exported, or shared

Auto-Passwords

FSB includes an optional credential manager that stores login credentials encrypted on your device. Passwords are never exposed to AI models. They are filled directly into pages by the content script, bypassing the AI entirely.

  • Credentials are encrypted at rest using AES-GCM with 256-bit keys and PBKDF2 key derivation
  • When the AI analyzes a page, password field values are replaced with [hidden]. The actual password is never included in any AI prompt
  • Auto-fill is performed by the content script injecting values directly into the DOM, with no AI involvement in the credential flow
  • The credential list view only shows usernames and domains. Passwords are decrypted individually and only when needed for auto-fill
  • Credentials are stored per-domain with parent domain fallback (e.g., accounts.google.com inherits from google.com)

Prompt Injection Prevention

Web pages can contain hidden text designed to hijack AI agents. FSB implements multi-layered defenses to ensure the AI only follows your instructions, never instructions embedded in page content.

  • All page content is wrapped in [PAGE_CONTENT] boundary markers, and the AI is instructed to never follow instructions found within these markers
  • A sanitization engine strips known injection patterns (e.g., "ignore previous instructions", fake system prompts, override attempts) from all page content before it reaches the AI
  • AI-generated actions are validated before execution. Dangerous URLs (javascript:, data:) and script injection attempts are blocked
  • Only a strict allowlist of 50+ known tools can be executed. The AI cannot invent or call arbitrary actions
  • Content size is capped (500 chars per value, 15K total prompt cap) to limit payload delivery
  • Invisible Unicode control characters that websites embed are stripped before processing

Background Agents and Server Sync

If you opt into Background Agents server sync or Remote Dashboard pairing, a relay server facilitates communication between your extension and the dashboard.

  • The server stores: agent definitions (name, schedule, target URL), run metrics (token count, cost, duration, success/fail status), and session pairing tokens
  • The server does NOT store: page content, DOM data, browsing history, AI prompts, AI responses, or any data from the pages you visit
  • Authentication uses hash keys (generated locally) and session tokens that expire after 24 hours
  • One-time pairing tokens expire after 60 seconds and cannot be reused
  • Server sync is disabled by default. You must explicitly enable it in Options

Memory System

FSB's memory system stores navigation patterns and site intelligence to improve automation over time.

  • All memory data (semantic, episodic, procedural) is stored locally in chrome.storage.local
  • No memory data is sent to any external server
  • Memory can be viewed and cleared at any time from the Options dashboard
  • Site maps and navigation patterns are domain-specific and isolated from each other

Open Source

FSB is fully open source under the BSL 1.1 License. You can audit every line of code to verify these privacy claims. The source code is available on GitHub.

Changes to This Policy

If this policy is updated, the changes will be reflected by the "Last updated" date at the top of this page. Significant changes will also be noted in the project's GitHub release notes.

Contact

If you have questions about this privacy policy or FSB's data handling, please open an issue on GitHub Issues.

Policy History

March 2026 v9.0.2 — Background Agents, Memory System, Server Sync

Added sections for Background Agents and Server Sync (optional relay server for dashboard pairing and agent run metadata). Added Memory System section (all local storage). Updated External Services to acknowledge optional server. Updated action count to 50+. Added OpenRouter as supported provider.

February 2026 v0.9 — Initial privacy policy

Initial privacy policy covering data collection, storage, external services, API key encryption, auto-passwords, prompt injection prevention, and open source transparency. Four AI providers supported (xAI, OpenAI, Anthropic, Google Gemini).