Open-source CLI that scans any website for GDPR compliance — detects dark patterns, scores 4 regulatory dimensions, and generates ready-to-share Markdown reports.
Four compliance dimensions, each scored out of 25 — total 100 points.
Catches pre-ticked boxes, buried reject buttons, asymmetric button sizing, misleading wording, and click asymmetry.
Grades A–F across consent validity, easy refusal, transparency, and cookie behaviour — with per-issue deductions.
Compliance report, per-rule checklist with legal references, and a deduplicated cookie inventory — all rendered in GitHub.
Exits with code 1 on grade F. Drop it into any pipeline to block non-compliant deployments automatically.
Real scans run on 22 Feb 2026. Click to read the full Markdown report.
4 sequential phases using real Chromium browsers via Playwright.
Captures all cookies and network requests fired before any user action — the baseline for tracking before consent.
Tries known CMP selectors, then falls back to DOM heuristics. Extracts buttons with visual properties for dark-pattern analysis.
Clicks the reject button in the same session and records remaining cookies — checking what persists after refusal.
Opens a clean browser, accepts consent, and compares the cookie delta to validate that consent actually changes behaviour.