Open-source CLI that scans any website for GDPR compliance — detects dark patterns, scores 4 regulatory dimensions, and generates ready-to-share HTML reports.
Four compliance dimensions, each scored out of 25 — total 100 points.
Catches pre-ticked boxes, buried reject buttons, asymmetric button sizing, misleading wording, and click asymmetry.
Grades A–F across consent validity, easy refusal, transparency, and cookie behaviour — with per-issue deductions.
Full compliance report with score breakdown, dark pattern evidence, cookie inventory, and IAB TCF analysis — ready to share or attach to an audit.
Exits with code 1 on grade F. Drop it into any pipeline to block non-compliant deployments automatically.
Real scans run on Feb 2026. Click to open the full interactive HTML report.
4 sequential phases using real Chromium browsers via Playwright.
Captures all cookies and network requests fired before any user action — the baseline for tracking before consent.
Tries known CMP selectors, then falls back to DOM heuristics. Extracts buttons with visual properties for dark-pattern analysis.
Clicks the reject button in the same session and records remaining cookies — checking what persists after refusal.
Opens a clean browser, accepts consent, and compares the cookie delta to validate that consent actually changes behaviour.