Security Architecture
The Zero-Server Model
Security isn't an afterthought; it's our core architecture. JSON Prompt Gen has no backend database.
Your data never leaves your browser until you explicitly send it to an AI provider.
Most web apps send your input to a server, process it there, and send it back. This creates a "honeypot" for hackers. We eliminated the honeypot entirely by building a strictly client-side application.
Encryption Standards
When you choose to save an API key for convenience, we don't just store it in plain text. We treat it like a bank vault.
- Algorithm: AES-256 (Advanced Encryption Standard, 256-bit key).
- Implementation: We use the Web Crypto API, the browser's native, high-performance cryptographic interface.
- Key Management: The encryption key itself is managed locally within your secure session context.
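An added example, not JSON Prompt Gen's own code, showing one way to encrypt a saved API key with AES-256 through the Web Crypto API. The AES-GCM mode, the non-extractable per-session key, the record layout and all function names are assumptions, and the API key value is constructed.

```javascript
// Added example. Assumptions: AES-GCM mode, record layout, all names below.
const webCrypto = globalThis.crypto ?? require("node:crypto").webcrypto;
const subtle = webCrypto.subtle;

const toB64 = (buf) => btoa(String.fromCharCode(...new Uint8Array(buf)));
const fromB64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

// 256-bit AES key. extractable=false: script cannot export the raw key bytes.
async function newSessionKey() {
  return subtle.generateKey({ name: "AES-GCM", length: 256 }, false,
    ["encrypt", "decrypt"]);
}

// Encrypt an API key; the returned JSON string is what would go into localStorage.
async function sealApiKey(sessionKey, apiKey) {
  const iv = webCrypto.getRandomValues(new Uint8Array(12)); // fresh 96-bit nonce each time
  const ct = await subtle.encrypt({ name: "AES-GCM", iv }, sessionKey,
    new TextEncoder().encode(apiKey));
  return JSON.stringify({ v: 1, iv: toB64(iv), ct: toB64(ct) });
}

// Decrypt a stored record. Rejects if the record was altered or the key is wrong,
// because GCM authenticates the ciphertext.
async function openApiKey(sessionKey, record) {
  const { iv, ct } = JSON.parse(record);
  const pt = await subtle.decrypt({ name: "AES-GCM", iv: fromB64(iv) },
    sessionKey, fromB64(ct));
  return new TextDecoder().decode(pt);
}

// Exercises the three properties worth checking in such a design.
async function selfCheck() {
  const key = await newSessionKey();
  const secret = "sk-constructed-example-000"; // constructed sample value
  const record = await sealApiKey(key, secret);
  const roundTrip = (await openApiKey(key, record)) === secret;

  const altered = JSON.parse(record);
  const bytes = fromB64(altered.ct);
  bytes[0] ^= 1; // flip one ciphertext bit
  altered.ct = toB64(bytes);
  const tamperRejected = await openApiKey(key, JSON.stringify(altered))
    .then(() => false, () => true);

  const exportBlocked = await subtle.exportKey("raw", key)
    .then(() => false, () => true);
  return { roundTrip, tamperRejected, exportBlocked };
}

selfCheck().then((r) => console.log(r));
```

Encryption of this kind protects the stored record at rest; any script running in the page's origin can still ask the browser to decrypt with the same key object.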
Data Sovereignty
Because the app runs on your device (“The Edge”), you maintain absolute sovereignty over your creative data.
- Your templates are stored in `localStorage`.
- Your prompts are generated in-memory.
- Deleting your browser data instantly and permanently wipes all traces of your usage.
Reporting Vulnerabilities
If you perform a security audit and find a vulnerability in our client-side code, please report it immediately.