Monica AI — shadow AI risk profile
Monica · browser extension · base risk score 4 / 5
Browser extension that injects an AI sidebar into every page, including SaaS tools and internal apps. Reads selection text, page DOM, and request bodies. No enterprise tenancy, no SSO, default training-on-inputs. Among the highest-risk shadow AI surfaces because installation is a single click and the data exfiltration is invisible to security teams.
Tier comparison
| Tier | Trains on inputs? | Retention | SSO | Admin controls | Risk flag |
|---|---|---|---|---|---|
| Free | Yes | unlimited days | No | No | high |
| Paid (consumer / personal) | Yes | unlimited days | No | No | high |
| Enterprise / Team | No | 365 days | No | No | medium |
Safer alternatives
- Microsoft 365 Copilot
Microsoft’s tenant-bounded Copilot across Word, Excel, PowerPoint, Outlook, Teams.
Frequently asked questions
Why is Monica more risky than ChatGPT?
Monica reads page content automatically; ChatGPT requires the user to paste. The exposure surface is broader and more passive.
Audit your shadow AI
Is Monica AI live in your organisation alongside other tools your security team has not sanctioned? Run a free 12-minute audit to find out.
Start your audit