Cloak Check

A friendly cybersecurity audit of the page you're on, in plain English.

Cloak Check — a friendly safety check for any website Not sure if a site is safe? Click the Cloak Check icon and get an instant traffic-light answer — green, yellow, or red — in plain English. No jargon, no setup, no account. Your browser already knows a lot about whether a page is dodgy. It just hides it all away in developer tools. Cloak Check pulls those signals out and tells you what they actually mean. ──────────────────────────────────── WHAT YOU GET ──────────────────────────────────── • A traffic-light verdict the moment you click — green (looks fine), yellow (be careful), red (serious problems). • A coloured shape right on the toolbar icon — green circle, yellow triangle, red diamond — so you can tell at a glance, even if colours are hard for you to tell apart. • A plain-English list of what it found and whether it actually matters — with a "details" view showing exactly what was spotted, so you (or someone more techy) can double-check. ──────────────────────────────────── WHAT IT LOOKS FOR ──────────────────────────────────── Cloak Check runs twelve checks on every page, including: • Fake addresses — lookalike letters from other alphabets, the "@" trick (paypal.com@evil.com actually loads evil.com), and brand names bolted onto unrelated domains. • Dodgy links — known link shorteners and QR redirectors that hide where you're really being sent. • Insecure connections — pages not using HTTPS, broken security certificates, or asking for your password over an unencrypted connection. • Phishing signs — a page pretending to be a big brand and asking you to log in, or scare tactics like "your account will be suspended" right next to a password box. • Hidden traps — invisible buttons and overlays designed to hijack your clicks, plus sneaky links to risky downloads (.exe, .scr, and the like). • Behind-the-scenes stuff — missing security protections, insecure cookies, and pages quietly asking for your camera, mic, or location. ──────────────────────────────────── HOW THE VERDICT WORKS ──────────────────────────────────── Cloak Check doesn't just shout about the single worst thing it sees. Every issue adds to a score: • One really serious thing (like a fake-brand login page) is enough to go red on its own. • Lots of small warnings add up to red too. • A solid site missing one minor setting stays green — no scaremongering. ──────────────────────────────────── YOUR PRIVACY (THIS BIT MATTERS) ──────────────────────────────────── Nothing about your browsing ever leaves your browser. • No tracking, no analytics, no accounts — there's literally no server to send anything to. • Everything is worked out locally, on the page you're already looking at. • Results are kept in memory only and wiped when you close Chrome. • It needs permission to read the pages you visit, because that's the only way to check them — but reading is all it does. It never changes, blocks, or sends anything anywhere. The code is open and readable, so you can check for yourself. ──────────────────────────────────── WHAT IT CAN'T DO ──────────────────────────────────── Cloak Check is a helpful second opinion, not a guarantee. • It can't see inside embedded frames from other sites. • It only catches obvious download links, not downloads triggered by scripts. • A brand-new fake site, or a perfect copy of a real one on a convincing address, can still slip past it. So stay sensible — treat the verdict as one clue, not the final word. ──────────────────────────────────── HOW TO USE IT ──────────────────────────────────── 1. Install it and pin it to your toolbar. 2. Browse like normal. 3. Glance at the icon for the shape-and-colour verdict, or click it for the full breakdown. That's it — free, open source, and no settings to fiddle with.