← Shreyas Sreedhar

Build · 2026 · Open source

CameraShy

A React component library that shields sensitive UI from screenshots — blur it in place or swap it out entirely the moment a capture is detected. Zero dependencies, under 1KB gzipped, SSR-safe. Published on npm.

Live demo: camerashy.xyz·npm·GitHub

camerashy.xyz · blur mode triggered on a balance

150+

npm installs

<1KB

gzipped core

0

dependencies

3

sensitivity levels

01

Where it came from

Not every build starts with a grand problem. This one started with a small annoyance: I kept taking screenshots for projects and my own personal data — dates of birth, balances, keys — kept showing up in the frame. I’d have to crop, blur in Preview, re-export. Every time.

The fix I wanted was the one already on phones: X.com replaces sensitive content the moment a screenshot is taken. I wanted that, but at the component level, for the web. So I built it.

Sometimes the right reason to build something is just that you needed it and it didn’t exist yet.
02

How it works

Wrap any sensitive value in a <CameraShy> component. Set a mode and a sensitivity level. That’s the entire API surface.

import { CameraShy } from 'camerashy';

<CameraShy mode="blur" sensitivity="paranoid">
  $142,069.00
</CameraShy>

<CameraShy mode="replace" replacement={<RedactedBadge />}>
  {sensitiveContent}
</CameraShy>

Under the hood: a useScreenshotDetection hook drives a single global event bus — one listener handles every protected element on the page regardless of how many there are. The component is SSR-safe, activates only on the client, and works across React, Vue, Svelte, and vanilla JS.

03

Three levels of aggression

Relaxed

Triggers on screenshot shortcut keys only

For: API keys, low-stakes personal data

Balanced

Screenshot keys + window focus loss

For: account balances, form data

Paranoid

Any suspicious key combo or context switch

For: SSNs, credentials, anything critical

The levels are designed so the protection never interrupts the experience — the layout stays intact, the page doesn’t reflow, and the user never notices it’s there until someone tries to capture what they shouldn’t.

04

What it is and what it isn’t

CameraShy is visual deterrence. It protects against accidental exposure, shoulder surfing, and casual screen capture. It is not encryption. A determined attacker can get around it. The disclaimer is in the docs and it’s honest.

Most sensitive data on the web has no client-side protection layer at all. This is that layer — lightweight enough that there’s no reason not to use it.

05

The build process

Built with Claude and iterated fast — architecture, the event bus design, the SSR safety. The demo site at camerashy.xyz was built the same way. The “take a screenshot to see the demos react” interaction is the whole product pitch in one gesture: you understand it immediately by doing it, not by reading about it.

ReactTypeScriptZero dependenciesSSR-safenpm publishedMIT licenseFramework-agnostic core