AI News HubLIVE
In-site rewrite3 min read

ColibotAI: Translate, Summarize & Explain Any Text — On-Device or BYOK

ColibotAI is a privacy-first Chrome extension that lets you translate, summarize, or explain text using on-device AI, your own API keys, or local models. No backend, no tracking, free and GDPR-compliant.

SourceProduct Hunt AIAuthor: Edoardo Guzzi

ColibotAI: Translate, summarize & explain any text — on-device or BYOK | Product Hunt

Translate, summarize & explain any text — on-device or BYOK

16 followers

Translate, summarize & explain any text — on-device or BYOK

16 followers

Visit website

Chrome Extensions

Translation

Welcome to ColibotAI, the Chrome extension that revolutionizes how you interact with page and text on the web page in the browser. Leveraging the power of ChatGPT(in future more AI), ColibotAI allows you to translate or summarize (and more) selected text with just a click, add note and more.

Overview

Launches2

Reviews

Alternatives

Built with

Team

More

This is the 2nd launch from ColibotAI. View more

ColibotAI

Launching today

Translate, summarize & explain any text on-device

Most AI extensions lock you to one cloud model and send your text to their servers. ColibotAI is different. Select any text and translate, summarize or explain it - and YOU pick the engine: on-device with Chrome's built-in AI (free; nothing leaves your computer), your own key (Claude, GPT, Gemini, OpenRouter), or your own local model (Ollama, LM Studio). No account, no analytics, no tracking, no backend. Results save as searchable local notes. Free, Made in Switzerland.

Free

Launch tags:Chrome Extensions•Productivity•Artificial Intelligence

Launch Team / Built With

Subscribe

Previous ColibotAI Launches

ColiBotAI speeds up and improves your study or work

Launched on January 24th, 2025

Reviews

No reviews yetBe the first to leave a review for ColibotAI

Promoted

Maker

📌

Hi Product Hunt 👋 I'm Edoardo, from WebWakeUp.

ColibotAI started as a simple "highlight‑and‑translate" extension. People liked it — but under the hood it had grown into something I wasn't comfortable shipping anymore. So for 0.8 we didn't patch it. We rewrote it from scratch. Here's the honest why.

What was wrong with the old build

🔑 The API key was stored in chrome.storage.sync — i.e. synced to your Google account. There were "encryption" modules too, but they were dead code (and broken in a service worker).

🐛 A regex "sanitizer" was being run over the AI prompts themselves, quietly corrupting them.

🐦 A little hummingbird icon followed your cursor via a mousemove listener on every page.

📦 ~15 content scripts + 3 stylesheets were injected into every HTTPS page, even when the extension was off — and toggling it reloaded all your tabs.

🧱 No types, no bundler, no tests, a hardcoded model and a 500‑token cap.

It worked, but it was fragile, leaky, and slow to evolve.

What we did instead We rebuilt ColibotAI on a modern stack and a privacy‑first architecture:

WXT + TypeScript + Vite (Manifest V3). WXT gives file‑based entrypoints, a generated MV3 manifest, typed messaging/storage, and — crucially — the in‑page UI now lives in an isolated Shadow DOM (createShadowRootUi) that can't clash with the page's CSS. UI is injected on demand (activeTab), not on every page.

A hybrid AI engine. On‑device first (Chrome's built‑in Gemini Nano — free & private), with automatic fallback to your own key across OpenAI, Anthropic, Google and OpenRouter — plus a new Custom / Local option that points ColibotAI at any OpenAI‑compatible server (Ollama, LM Studio, llama.cpp, or your own gateway), so you can run open models fully local and free. There's no backend — your text goes straight from your browser to the provider you chose, to your own machine, or nowhere at all on‑device.

Security & privacy as defaults. The key lives in chrome.storage.local only (never synced), with an optional session‑only mode; a one‑time migration moves any legacy synced key to local and deletes it from sync. AI output is rendered with marked + DOMPurify (no more regex‑sanitizer XSS surface). Minimal permissions; provider hosts are optional and requested only when you add a key.

The little things that add up: typed end‑to‑end messages, EN/IT localization, light/dark, ESLint + Prettier + Vitest, a notes side panel with search and JSON export/import, API‑key validation on save (a zero‑token check so you know immediately if a key works), a debug mode, and a smart cache that reuses a saved answer for near‑identical selections so you don't spend tokens twice.

Same idea, a much better tool. It's free, GDPR‑compliant, and Made in Switzerland. Would love your feedback — especially on the on‑device vs. bring‑your‑own‑key balance. 🙏

Report

6d ago