What Surecut Does
Surecut is a browser extension that generates personalized JavaScript scripts from natural language descriptions and injects them into web pages on your behalf. Scripts run locally in your browser.
Data We Collect
- User prompts and page context: When you use built-in AI, prompts and relevant page context are sent to Surecut's API so we can generate scripts using Google Gemini by default, with selected third-party models such as Anthropic Claude and OpenAI GPT available on certain plans or features. We keep only the minimum operational data needed for quotas, abuse prevention, and billing.
- Current page URL: Sent along with your prompt to help generate context-aware scripts. Not stored.
- Scripts & settings: Saved locally in your browser via Chrome Storage API. Never transmitted to our servers.
- Optional custom API keys: If you choose to connect your own supported provider key, such as OpenAI or DeepSeek, the key is stored locally in your browser and not stored on Surecut's servers.
Data We Do NOT Collect
- Browsing history
- Personal information beyond what is needed for sign-in, billing, and support
- Page content or DOM data
- Cookies or authentication tokens
- Any data from pages you visit
Third-Party Services
Surecut relies on third-party infrastructure to deliver the product. Depending on the feature you use, data may be processed by the following services under their own terms and privacy policies:
Permissions
- activeTab: To inject scripts into the current tab when you request it
- scripting: To execute generated JavaScript on web pages
- storage: To save your scripts and settings locally
- sidePanel: To display the Surecut interface
- tabs: To detect page loads and auto-inject saved scripts on matching URLs
Security
All generated scripts undergo static analysis before execution. Dangerous patterns such as eval(), external network requests, and cookie access are blocked. Scripts run in the page context but are reviewed for safety before injection.