# CSV Guard > CSV Guard is a free, privacy-first browser tool for deterministic CSV hygiene. It prefixes formula-like segments using a destination-specific mode, removes duplicate and empty rows, normalizes headers, trims cell edges, and downloads a separate CSV without uploading file contents. CSV Guard supports valid UTF-8 comma, semicolon, tab, pipe, and single-column input. The default apostrophe mode changes underlying values and requires downstream tools to accept or strip the apostrophe; its escape behavior may not survive an Excel save/reopen cycle. The Excel review mode adds a real tab plus an apostrophe; both remain in the data and can disrupt downstream programmatic imports. No mode is universal or a permanent safety guarantee. Both public editions have no analytics endpoint or account system; the static edition also blocks background network connections. It is a hygiene tool, not a business-rule or factual-data validator. Negative values that begin with a minus sign are conservatively prefixed and exported as text. ## Product - [Use CSV Guard](https://zac343.github.io/csv-guard/): Public static application; processing and export run inside the browser tab. - [CSV injection prevention in Excel](https://zac343.github.io/csv-guard/guides/csv-injection-prevention-excel/): Apostrophe-versus-tab trade-offs and a sourced save/close/reopen test workflow. - [CSV export security checklist](https://zac343.github.io/csv-guard/guides/csv-export-security-checklist/): An engineering, AppSec, and QA checklist for threat modeling, export-boundary controls, synthetic tests, and spreadsheet lifecycle verification. - [Project README](https://github.com/zac343/csv-guard/blob/main/README.md): Capabilities, browser limits, privacy model, local development, and verification. - [Support forms](https://github.com/zac343/csv-guard/issues/new/choose): Public bug and feature intake; users must provide only synthetic or redacted examples and never attach a private CSV. ## Technical reference - [CSV engine](https://github.com/zac343/csv-guard/blob/main/app/lib/csv.ts): Delimiter detection, parsing, cleanup, formula-prefix modes, resource limits, and serialization. - [OWASP CSV Injection guidance](https://owasp.org/www-community/attacks/CSV_Injection): Spreadsheet lifecycle risks and prefix trade-offs. - [CSV behavior tests](https://github.com/zac343/csv-guard/blob/main/tests/csv.test.ts): Executable-prefix, Unicode, quoting, delimiter, deduplication, and resource-boundary coverage. - [Static browser controller](https://github.com/zac343/csv-guard/blob/main/docs-src/app.ts): File, paste, sample, preview, and download interactions for the no-telemetry edition. ## Optional - [Source repository](https://github.com/zac343/csv-guard): Viewable source and release history. No software license is currently granted by the repository. - [Security policy](https://github.com/zac343/csv-guard/blob/main/SECURITY.md): Private vulnerability-reporting instructions and supported-version policy.