
Why rabbitholes sends your API key nowhere near my server

DEV Community·J Now·24 days ago

Most browser extensions that call an AI API route your request through the developer's backend. That's the obvious architecture: you ship an extension, you control the API key, you log requests, you see what your users are doing. The extension itself becomes a thin client for your server.

I built rabbitholes differently, and it's worth explaining the specific constraint I chose and why.

Every request — highlight to explanation, word click to follow-up, globe icon to web-enriched answer — goes directly from your browser to api.anthropic.com or api.search.brave.com. There is no intermediary server. I don't have one.

Your Anthropic API key lives in chrome.storage.sync, which is encrypted by Chrome and scoped to your profile. It never transits any infrastructure I own.

The practical consequence: I have zero visibility into what you look up.…
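
An added example, not code from rabbitholes or its author: a sketch of the direct-to-API pattern described above, with a guard that refuses to send the key anywhere except api.anthropic.com or api.search.brave.com over HTTPS. The function names, storage key names and model placeholder are assumptions; the endpoints and header names are those of the public Anthropic and Brave Search APIs.

```javascript
// Only these two hosts may ever receive a user-supplied key.
const ALLOWED_HOSTS = new Set(["api.anthropic.com", "api.search.brave.com"]);

// Build the request for one upstream API. Function and parameter names are
// hypothetical; the model id is a placeholder, not a value from the page.
function buildRequest(kind, key, input) {
  if (typeof key !== "string" || key.length === 0) throw new Error("missing API key");
  if (kind === "explain") {
    return {
      url: "https://api.anthropic.com/v1/messages",
      init: {
        method: "POST",
        headers: {
          "content-type": "application/json",
          "x-api-key": key,
          "anthropic-version": "2023-06-01",
          // Required by Anthropic for calls made straight from a browser.
          "anthropic-dangerous-direct-browser-access": "true",
        },
        body: JSON.stringify({ model: "MODEL_ID_PLACEHOLDER", max_tokens: 512, messages: [{ role: "user", content: input }] }),
      },
    };
  }
  if (kind === "search") {
    const url = new URL("https://api.search.brave.com/res/v1/web/search");
    url.searchParams.set("q", input);
    return { url: url.href, init: { method: "GET", headers: { "X-Subscription-Token": key, accept: "application/json" } } };
  }
  throw new Error("unknown request kind: " + kind);
}

// Refuse any destination that is not HTTPS to an allowlisted host.
function assertAllowedDestination(rawUrl) {
  const u = new URL(rawUrl);
  if (u.protocol !== "https:" || !ALLOWED_HOSTS.has(u.hostname)) {
    throw new Error("blocked destination: " + u.origin);
  }
  return u.hostname;
}

// storage is chrome.storage.sync in the extension; fetchImpl is fetch.
async function sendDirect(storage, fetchImpl, kind, input) {
  const keyName = kind === "search" ? "braveKey" : "anthropicKey"; // hypothetical names
  const stored = await storage.get(keyName);
  const { url, init } = buildRequest(kind, stored[keyName], input);
  assertAllowedDestination(url);
  return fetchImpl(url, init);
}
```

Limiting the manifest's host_permissions to the same two origins gives the browser a second, independent enforcement point for the same boundary.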
