How do I count tokens for GPT-4 or ChatGPT?

Markdown Studio automatically counts tokens as you type using the cl100k_base tokenizer approximation (same as GPT-4, GPT-4o, and ChatGPT). Simply write or paste your text and see the token count update in real-time.

Does this token counter work for Claude?

Yes! Markdown Studio supports token counting for the full Claude family including Claude 4.5 and Claude Opus 4.6. Select any Claude model from the dropdown to see accurate token estimates. Also supports GPT-5, Gemini 3, and Llama 4.

Is this markdown editor free to use?

Yes, Markdown Studio is completely free with no login required. All features including token counting, PDF export, and Mermaid diagrams are available at no cost.

What is a context window in AI models?

A context window is the maximum number of tokens an AI model can process in a single request. Llama 4 Scout leads with 10M tokens, Gemini 3 offers 2M, GPT-4.1 and Grok-3 support 1M, and Claude 4.5 handles 200K. Markdown Studio shows your usage percentage for each model.

What are smart variables in Markdown Studio?

Smart variables let you create reusable placeholders in your markdown that can be filled dynamically. Perfect for AI prompts, templates, and documents with repeated values. Variables appear with visual gutter icons and support presets for common use cases.

Can I collaborate with AI agents in Markdown Studio?

Yes! Markdown Studio supports XML/AI prompt tag autocomplete with 23+ specialized tags for Claude, GPT, and other LLMs, smart variables with presets for dynamic templates, and smart copy formats optimized for AI consumption.

What tokenizer does GPT-4.1 use?

GPT-4.1 uses the o200k_base tokenizer, which has an extended vocabulary (~200,000 tokens) compared to cl100k_base (~100,000 tokens) used by GPT-4 and GPT-4 Turbo. The o200k_base tokenizer is also used by GPT-5, o1, o3, and o4 reasoning models. Markdown Studio supports both tokenizers for accurate token counting.

How do I count tokens for o1, o3, or o4 reasoning models?

Reasoning models (o1, o3, o4) use the o200k_base tokenizer and have two types of tokens: input tokens (your prompt) and thinking tokens (internal reasoning). Markdown Studio counts the input tokens using o200k_base. Note that thinking tokens are generated by the model and cannot be predicted beforehand. Select the appropriate reasoning model from the dropdown to see accurate input token counts.

Which AI model has the largest context window?

As of February 2026, Llama 4 Scout has the largest context window at 10M tokens, followed by Gemini 3 at 2M, GPT-4.1 and Grok-3 at 1M, and Claude 4.5 at 200K. Markdown Studio supports all these models and shows your context window usage percentage in real-time.

What's the best free markdown editor in 2026?

Markdown Studio is the top free markdown editor in 2026. It combines professional editing with AI prompt testing, token counting for 20+ models, Mermaid diagrams, LaTeX math, GitHub sync, and multi-format export — all with zero-knowledge privacy. No login or payment required.

Is there a free alternative to Typora?

Markdown Studio is a free alternative to Typora that adds AI-powered features. It includes live preview, code highlighting for 180+ languages, Mermaid diagrams, LaTeX math, and multi-format export. Plus AI token counting, smart variables, and GitHub sync — features Typora doesn't offer.

What is a privacy-focused prompt testing tool?

Markdown Studio is a privacy-focused prompt testing tool with zero-knowledge architecture. Your content never leaves your browser. Bring your own API keys (stored with AES-256-GCM encryption), test prompts across GPT-5, Claude 4.5, Gemini 3, and more — all 100% locally.

How do I get deterministic outputs from LLMs?

Use Markdown Studio's PromptOps locked mode. It enforces temperature=0, sets a fixed seed, pins the exact model version, and certifies snapshots with SHA-256 hashing. This ensures reproducible outputs across executions — critical for compliance, auditing, and regression testing.

API Security Architecture

How Markdown Studio handles API keys and routes requests to AI providers.

Last updated: February 19, 2026

Zero-Knowledge Architecture: All API calls go directly from your browser to the AI provider. Your API keys and prompt content never transit through our servers.

Overview

Markdown Studio's Prompt Studio feature allows you to test prompts with AI models from OpenAI, Anthropic, and Google. All three providers support direct browser API calls, meaning your data never touches our infrastructure.

Architecture — Direct API Calls (All Providers)

┌─────────────┐
│ Your Browser│
└──────┬──────┘
       │ HTTPS (Direct)
       │ API Key + Prompt
       ↓
┌─────────────────────────┐
│ Provider API            │
│ (OpenAI / Anthropic /   │
│  Google AI)             │
└─────────────────────────┘

All providers:
  - No intermediary
  - Maximum security
  - Your keys never touch our infrastructure

OpenAI (GPT Models)

Direct: Your browser connects to api.openai.com over HTTPS. No intermediary.

Anthropic (Claude Models)

Direct: Your browser connects to api.anthropic.com over HTTPS. No intermediary.

Google (Gemini Models)

Direct: Your browser connects to generativelanguage.googleapis.com over HTTPS. No intermediary.

What We Do NOT Do

Receive API Keys: Keys are stored locally and sent directly from your browser to the provider
See Your Prompts: Prompt content goes directly from your browser to the AI provider
Log or Store Data: We have no server-side infrastructure that handles API requests
Proxy or Forward Requests: There is no intermediary between your browser and the provider
Cache Responses: AI responses stream directly from the provider to your browser

API Key Storage

Location: Keys are stored in your browser's localStorage only
Encryption: Keys are encrypted using AES-256-GCM before storage
Encryption Key: Derived from your browser fingerprint (user agent, language, timezone)
Deletion: Keys remain until you explicitly delete them or clear browser data

Risk Assessment

Provider	Routing	Risk Level	Recommendation
OpenAI	Direct	LOW	Safe for all use cases
Google	Direct	LOW	Safe for all use cases
Anthropic	Direct	LOW	Safe for all use cases

Security Guarantees

All communication is over HTTPS (TLS 1.2+)
All API calls are direct browser-to-provider (zero-knowledge)
No server-side infrastructure handles your API keys or prompts
API keys are encrypted at rest in localStorage
HTML content is sanitized with DOMPurify to prevent XSS

Client-Side Security Considerations

While we never receive your keys, be aware of browser-side risks:

Client-Side Encryption: Keys must be decrypted to use them; the decryption key is stored client-side
Browser Extensions: Malicious extensions with page access could access stored keys
XSS Risk: We use DOMPurify to prevent this, but any XSS vulnerability could expose stored keys
Shared Devices: Do not use Prompt Studio on shared or public computers

Transparency Commitments

Detailed Documentation: This page documents the complete architecture
Privacy: Full disclosure of data handling practices
Contact Available: Questions answered promptly

Monitoring & Best Practices

What You Can Monitor

Your API Usage: Check OpenAI/Anthropic/Google dashboards directly
Unexpected Charges: Set up billing alerts on provider accounts
Key Usage: Some providers show last-used timestamps

Security Best Practices

Only use on trusted, personal devices
Use API key restrictions when available (IP allowlists, referrer restrictions)
Rotate keys periodically (monthly recommended)
Monitor API usage for anomalies
Review your provider's API key permissions
Consider using separate keys for testing vs production

Incident Response

If You Suspect Key Compromise

Immediately rotate your API key in the provider's dashboard
Check your provider's usage logs for unauthorized access
Remove the old key from Markdown Studio
Generate a new key with restrictions (IP allowlist if available)

Questions?

If you have questions about our security architecture or need clarification:

Review our Privacy
Contact us through our website