LinkedIn is scanning your browser extensions: what AI developers need to know

Yesterday, a story hit the top of Hacker News with 1,540 points: LinkedIn is actively scanning your installed browser extensions.

For most developers, the reaction was visceral. Not surprised �� but still unsettled. Because this isn't just about LinkedIn.

The pattern is everywhere

Big Tech products have quietly expanded their data collection to include:

• Browser extension inventories (LinkedIn)

• Clipboard contents (TikTok, caught in 2020)

• Installed app lists (various mobile apps)

• Keystroke patterns (some "productivity" tools)

The AI tools you use every day are no exception.

What this means for your AI coding tools

If you're using a cloud-based AI coding assistant, consider what telemetry it might collect:

Enter fullscreen mode

Exit fullscreen mode

The first three are expected and necessary. The last three are increasingly common in enterprise AI tools — and rarely disclosed clearly.

The ANTHROPIC_BASE_URL approach: what stays local

One way to reduce your data exposure is to control where your AI requests go.

Claude Code supports a simple environment variable:

export ANTHROPIC_BASE_URL=https://simplylouie.com

Enter fullscreen mode

Exit fullscreen mode

This routes your Claude API calls through a proxy rather than directly to Anthropic. The difference in terms of data:

Direct to Anthropic Via proxy

Anthropic collects all metadata Proxy operator controls logging

Subject to Anthropic's data policies Subject to proxy's privacy policy

Enterprise tier required for no training Depends on proxy

The proxy I use for my own Claude Code setup is SimplyLouie — ✌️2/month flat, no rate limits, and the operator (a solo indie developer) isn't building a surveillance business. The source isn't open but the model is simple: flat fee, no upsells, 50% of revenue to animal rescue.

Checking your AI tool's telemetry

For any AI tool you use, here's a quick audit checklist:

Check what processes are running

ps aux | grep -i ai

Check extension permissions in Chrome

chrome://extensions/`

Enter fullscreen mode

Exit fullscreen mode

For VS Code extensions specifically:

Check extension telemetry settings

cat ~/.config/Code/User/settings.json | grep -i telemetry`

Enter fullscreen mode

Exit fullscreen mode

You can disable most VS Code telemetry:

Enter fullscreen mode

Exit fullscreen mode

The deeper issue: consent vs. disclosure

The LinkedIn story is alarming not because scanning extensions is necessarily malicious — but because it wasn't disclosed.

Developers are used to tools collecting data. We accept it as the cost of free services. But when the scanning happens silently, it crosses from data collection into surveillance.

For AI tools specifically, the stakes are higher:

• Your codebase is confidential

• Your API keys appear in context windows

• Your architecture decisions are visible

• Your debugging sessions reveal vulnerabilities

Any AI tool that phones home more than necessary is a liability — not just a privacy concern.

Practical steps

• Audit your AI tools — check their privacy policies for "telemetry", "analytics", and "usage data" sections

• Use ANTHROPIC_BASE_URL to route Claude calls through a proxy you understand

• Check browser extension permissions — if an extension doesn't need to read all sites, revoke that permission

• Use .claudeignore to keep sensitive files out of Claude Code's context

• Set VS Code telemetry to off — it doesn't affect functionality

Enter fullscreen mode

Exit fullscreen mode

The trend won't reverse

LinkedIn won't stop scanning extensions because of bad press — they'll just make the disclosure harder to find.

The AI tools market is moving in the same direction. More data collection, more telemetry, more "usage analytics" that fund the next model training run.

Your best defense is choosing tools where the operator's business model doesn't depend on your data.

For $2/month alternatives to the surveillance-funded AI stack: simplylouie.com

Claude Code users: set ANTHROPIC_BASE_URL=https://simplylouie.com in your shell profile. 7-day free trial, no rate limits.