Skip to content

JonBoyle-Dev/Dark-pattern-Detector

Repository files navigation

🕵️ Dark Pattern Detector

A Chrome extension that spots and highlights manipulative UI patterns as you browse — hidden opt-outs, fake urgency timers, pre-ticked checkboxes, guilt-trip copy, and more. Combines fast local DOM scanning with an optional Claude AI layer for subtler manipulation like privacy zuckering and bait-and-switch pricing.

Version Manifest Model


What it detects

Layer 1 — DOM rules (instant, no API key needed)

Pattern Severity
Pre-ticked marketing checkboxes 🔴 Critical
Cookie banners with no reject option 🔴 Critical
Hidden or tiny opt-out links 🟠 High
Confirm-shaming ("No thanks, I hate saving money") 🟠 High
Double-negative consent copy 🟠 High
Fake scarcity claims ("Only 3 left!") 🔵 Medium
Urgency countdown timers 🔵 Medium

Layer 2 — Claude AI (optional, catches subtle patterns)

Pattern Category
Vague consent copy that obscures data sharing Privacy zuckering
Fear or guilt language used to pressure decisions Emotional manipulation
Headline promise contradicted by fine print Bait and switch
"Join in seconds, cancel anytime*" with buried caveats Roach motel
Fees described as added later, not shown upfront Bait and switch

Installation

Note: This extension is not yet on the Chrome Web Store. Load it manually using Developer mode.

  1. Download and unzip dark-pattern-detector-v2.zip
  2. Open Chrome and go to chrome://extensions
  3. Enable Developer mode (toggle, top right)
  4. Click Load unpacked and select the dark-pattern-detector folder
  5. Pin the 🕵️ icon to your toolbar

Adding the AI layer (optional)

The extension works out of the box using DOM rules only. To enable the Claude AI layer:

  1. Get an Anthropic API key at console.anthropic.com
  2. On first install, the onboarding tab opens automatically — paste your key there
  3. Or add it later: click 🕵️ → ⚙ → enter key → Save

What gets sent to Claude: button labels, form copy, headings near CTAs, and timer text — nothing else. Your typed input, passwords, and personal data are never extracted. The key is stored locally on your device only and is never synced.


How it works

Page loads
├── DOM rules fire instantly (~100ms)
│     └── Highlights appear on page + findings in popup
│
└── Claude AI fires async (on page load + manual rescan)
      └── AI findings merge into overlay with purple badges

User triggers dynamic content (scroll, popups, SPAs)
└── MutationObserver re-runs DOM rules on new elements only

Findings are colour-coded by severity:

  • 🔴 Red — Critical (pre-ticked consent, no cookie reject)
  • 🟠 Amber — High (confirm-shaming, hidden opt-outs)
  • 🔵 Blue — Medium (fake scarcity, countdown timers)
  • 🟣 Purple — AI-detected finding

Sensitivity modes

Mode Shows Best for
Cautious Critical + High only Everyday browsing, low noise
Balanced (default) Critical + High + Medium Most users
Strict Everything Designers and researchers

Switch modes any time via the popup settings panel.


Project structure

dark-pattern-detector/
├── manifest.json               Chrome MV3 manifest
├── content_script.js           Orchestrates detection pipeline
├── background.js               Service worker — API proxy, badge, key storage
├── overlay.js                  Injects highlights and tooltips onto the page
├── overlay.css                 Overlay styles
├── rules/
│   ├── dom_rules.js            7 local DOM detection rules
│   └── ai_analyzer.js          Payload extraction + Claude API integration
├── panel/
│   ├── popup.html              Extension popup
│   ├── popup.css               Popup styles
│   ├── popup.js                Popup logic
│   └── onboarding.html         First-run API key setup
└── icons/
    ├── icon16.png
    ├── icon48.png
    └── icon128.png

Roadmap

  • Phase 1 — DOM detection rules, overlay, popup UI
  • Phase 2 — Claude AI layer, onboarding, API key management
  • Phase 3 — Report export (PDF/JSON), pattern library, community rule submissions, Firefox support, site history, allow/block list

Privacy

  • The extension never reads form inputs, passwords, or anything you type
  • Page content is only sent to the Anthropic API when an API key is configured and a scan is triggered
  • The API key is stored in chrome.storage.local — device only, never synced across accounts
  • No analytics, no tracking, no third-party data collection

Contributing

Bug reports and pattern submissions welcome. If you find a dark pattern the extension misses, open an issue with the URL, a screenshot, and a description of what you spotted.


License

MIT# Dark-pattern-Detector

About

Detects and highlights manipulative UI patterns in real time as you browse. Catches all 11 pattern types — sneaky sign-up checkboxes, cookie tricks, guilt-trip buttons, fake urgency, forced sign-ups, hidden catches, and more. Simple mode shows a plain-English health score with "What to do" tips. Expert mode gives the full technical detail.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors