When we launched Cabeza, the core mission was simple: give LLMs like ChatGPT, Claude, and Gemini persistent session awareness, eliminating the need for you to endlessly repeat yourself and constantly remind AI of facts and decisions you’ve already made.
To achieve true “invisible” context integration, we are introducing our advanced Context Engine. Because this feature modifies how your browser communicates with the LLM frontend, we want to be radically transparent about exactly how it works under the hood, why we built it this way, and how we guarantee your privacy.
The Problem: The React Wall
Initially, inserting context into an LLM chat seems straightforward: just programmatically paste the text into the chat box. However, modern AI interfaces are built on complex frameworks like React. These “controlled components” aggressively reject external modifications to their textareas. If a script tries to paste text in, the Virtual DOM simply overwrites it or ignores it when the user hits send.
The fallback is a clunky “visible injection,” (which is what v1 of Cabeza does, but it’s ugly) where the userโs prompt is wrapped in a massive wall of [Cabeza Memory] text. It clutters the screen, ruins the UI experience, and breaks the illusion of a naturally aware AI.
The Solution: The MAIN World Fetch Interceptor (in an upcoming v1.+ Cabeza update)
To solve this, we bypass the textarea entirely. Cabeza utilizes *Chrome’s Manifest V3 standard* to run a script in the world: "MAIN" execution environment. This is *Google’s officially sanctioned mechanism* for allowing extensions to interface directly with the webpage’s context.
Instead of fighting the UI, we gently intercept the outgoing window.fetch request just milliseconds before it leaves your browser. Cabeza silently prepends your specific, relevant context to the payload, ensuring the LLM receives the memory without it ever cluttering your screen.
Total User Control: The “Flip” UI
Invisible integration does not mean hidden integration. We believe you should always know exactly what is being sent to an AI.
- Opt-In Only: The network interceptor is strictly opt-in. It is disabled by default upon installation. You must explicitly toggle it on in your settings.
- The Fallback: If you leave it off, Cabeza still works perfectly using our manual “Insert” widget, giving you traditional, visible injection.
- The “Flip” Inspector: When the interceptor is armed, your chat box will emit a subtle glow. Clicking this indicator physically “flips” the UI, revealing the exact compiled payload – your prompt plus the injected context. You can read it, audit it, and edit it before the request is ever sent.
Our Uncompromising Security Posture
Because modifying network requests is a sensitive operation, we engineered the interceptor with strict failsafes:
- Zero Data Exfiltration: Cabeza has no backend servers. Zero analytics. Zero third-party transmissions. The memory context being injected is pulled strictly from your own connected data (Drive/Dropbox) and injected locally inside your browser.
- Fail-Open Design: The interceptor is built to fail gracefully. If the AI provider changes their API schema, or if any part of the payload hunt fails, Cabeza instantly aborts the injection and allows your original prompt to pass through unmodified. Your chat will never break.
- Credential Sanitization: Before any context is staged for injection, it passes through our local sanitization protocol to ensure no sensitive credentials or keys from your profile are accidentally passed to the LLM.
We built Cabeza to be the ultimate power tool for AI power users. By giving you total control over the context pipeline, weโre making AI session awareness seamless, secure, and completely transparent.
Leave a Reply