// arsenal / cspy
CSPy
A browser extension that audits the CSP and security headers of any site you visit and explains, in plain language, what an attacker could do with the gaps.
Run it
Live demo and self-host instructions. Free, always.
Contribute
Open issues are tagged good-first-issue. Merged PRs earn fathoms.
Read the source
Full transparency. Audit it before you trust it.