Glasshouse
Open-source Claude Code skill for GDPR and ePrivacy audits. Scans a site (consent, pre-consent tracking, cross-border transfers, security headers, cookies, dark patterns) and walks you through filing the complaint with the right data protection authority. MIT-licensed.
One skill, two modes. /glasshouse <url> runs a 3-variant Playwright audit scored across consent flows, pre-consent tracking, dark patterns, cross-border transfers, security headers, cookie hygiene, and legal pages. /glasshouse file <scan-json> walks you through DPA selection, controller detection, and per-finding curation to produce a ready-to-file complaint dossier (letter, PDF, facts per article, evidence CSVs, screenshots, submission checklist).
Nine EU data protection authorities seeded at launch — NL AP, FR CNIL, UK ICO, IE DPC (lead for Meta, LinkedIn, Google EMEA, TikTok), plus five German authorities. Adding a DPA is a one-JSON-file pull request.
MIT-licensed · 81-test suite · github.com/DataGobes/glasshouse
git clone https://github.com/datagobes/glasshouse ~/.claude/skills/glasshouse
cd ~/.claude/skills/glasshouse
npm install
npx playwright install firefoxThen restart Claude Code so the skill is discovered. See the README for the full guide.
Glasshouse is the artefact of an ongoing series on web privacy. Each post forced the scanner to learn something it could not already do — fingerprinting hooks for one, multi-layer banner traversal for another. The launch post explains the bigger argument: the compliance gap and the enforcement gap are both problems of distribution, and tooling on both sides of the wall is how you close it.
No scans published yet.
Rather not run it yourself? I'll scan your site for you →