litmus is local-first and bring-your-own-key. It has no servers of its own.
Last updated: June 2026
litmus runs entirely inside your browser. Anthropic/the extension author does not operate any server that receives your prompts, API keys, results, or usage. The only network requests litmus makes are directly from your browser to the model provider you choose, in order to run the tests you ask for.
chrome.storage.local) on your device. They are used only to authenticate calls to the matching provider and are never transmitted anywhere else.None of this is sent to litmus or to any third party other than the model provider during a run.
When you run an analysis, generate cases, run a test, or apply fixes, litmus sends the relevant content (your system prompt and the case inputs/outputs) to the provider you selected, using your key:
api.openai.comapi.anthropic.comgenerativelanguage.googleapis.comThat data is handled under that provider's own privacy and data-use policies. Please review the policy of whichever provider you use. litmus does not add itself as an intermediary.
The extension requests only what it needs to function: sidePanel (to show its UI), storage (to keep keys, settings, and version history locally), and activeTab / scripting (to let you grab a prompt from the current page when you click "Grab from this tab"). Host access is limited to the three provider API domains listed above.
Use Delete all keys in Settings to remove stored API keys. Removing the extension from your browser clears all locally stored litmus data, including version history.
If this policy changes, the "Last updated" date above will change with it.