Is it safe to put company code into Cursor or Copilot?

Not by default. Whatever you paste or open gets sent to the AI provider's servers, including secrets and customer data. Emil sits between your tools and the model and catches API keys, credentials, customer data, and source code before they ever leave.

Can AI coding tools see my API keys and .env files?

Yes, whenever they end up in the files or prompts you send, which is the most common way secrets leak. Emil detects keys, tokens, passwords, and .env values and redacts them before the prompt reaches the model.

Does Emil slow down my AI?

No. Emil screens in the moment and hands the model a clean prompt, so you get the same responses at the same speed.

Does Emil store my prompts or my code?

No. Emil processes your text in memory and keeps only a short screening record (the decision, risk score, and a redacted preview), never the full content. Classification runs on Emil's own infrastructure, is never sent to a third-party model, and is never used for training.

Which tools does Emil work with?

Anything OpenAI-compatible: Cursor, Claude Code, Copilot, Lovable, v0, ChatGPT, Gemini, DeepSeek, Ollama, and self-hosted models. Point your tool at Emil instead of the provider, or use the browser extension if you don't write code.

Do I need to be technical to use it?

No. Developers change one line of config (the base URL). Everyone else uses the one-click browser extension that screens prompts before they reach the AI.

Secure Microsoft Copilot

Use Microsoft Copilot — with sensitive data protected

Emil's browser extension screens what your team types into Copilot, catching PII, secrets, and confidential content before the prompt is sent.

Protect your team For developers

The risk with Microsoft Copilot

Employees paste internal and customer data into Copilot chat.
Sensitive content leaves your control once submitted.
You can't see or prove what was shared.

What Emil catches in Microsoft Copilot

SSNs (with or without dashes), emails, phone numbers, addresses
Account, routing, and credit card numbers
API keys, tokens, and other secrets
Confidential or privileged content via custom rules

How it works

Install the Emil extension — it activates on Microsoft Copilot automatically
Prompts are screened in the browser, before they're sent
Sensitive spans are redacted or you're warned; metadata only is logged

Screening happens locally; only finding metadata (type + severity) is retained, never your content.

Questions

Is Copilot safe for confidential data?

With Emil screening prompts in the browser, sensitive content is redacted before it's sent. Emil adds a data-loss control on top of Copilot.

Does it run on Copilot?

Yes, the Emil extension runs on copilot.microsoft.com.

What does it catch?

PII, financial data, secrets, and confidential content per your policy — including SSNs without dashes.

What's stored?

Only finding metadata, never the content.

Secure other AI tools

ChatGPT Claude Gemini