Tool · active

Script Auditor

Visit project (opens in new tab)
Script Auditor

Paste a URL, get a full audit of every script tag on the page. The tool detects both static scripts in the HTML and ones injected dynamically by other JavaScript after the page loads. Each script gets categorized, risk-assessed, and scored for performance impact.

Why I Built It

Most sites have more scripts running than anyone on the team realizes. Some are render-blocking. Some are third-party dependencies no one remembers adding. Some get injected by other scripts after the page loads. I wanted a tool that could answer a simple question: what's actually running on this page right now?

Not what's supposed to be running according to a tag manager config, but what's actually loading in the browser, including everything injected after initial render.

How It Works

The system has three services working together.

A browser service fetches the raw HTML to find static script tags, then launches a headless browser to load the page and capture everything injected dynamically. It diffs the two states to figure out what was added at runtime. It also captures console errors and CSP violations during the page load.

An API layer orchestrates the audit. It validates the submitted URL, calls the browser service, then sends the detected scripts to Claude for analysis. Claude categorizes each script (analytics, advertising, framework, utility, CDN), assigns a risk level, flags anything problematic, and writes a plain-language summary of the page's script footprint. The API also calculates a bloat score based on render-blocking scripts, third-party ratio, and dynamic injection count.

Audit results showing narrative, risk flags, and bloat metrics for cnn.com

A frontend ties it together with a tabbed interface: overview with the narrative and bloat metrics, a risk panel for flagged scripts, a detailed script table, and a console panel for errors and CSP violations.

Scripts table showing all detected scripts with category, risk level, and descriptions

Stack

Browser Service

  • Node.js + Express
  • Playwright (headless Chromium)
  • Cheerio (HTML parsing)

API

  • Laravel (PHP)
  • Anthropic SDK (Claude for script analysis)

Frontend

  • Next.js + React
  • TailwindCSS
  • TypeScript

Status

Active. Running at tools.ozzyrodriguez.com/audit.

← All projects