clawsmith.com/idea/browser-extension-gpl-violation-scanner
Idea (Competitive, Live). Tags: open-source, license-enforcement, browser-extension

A browser extension that scans published Chrome and Firefox store extensions for stolen GPL source code

Open-source browser extension authors have no practical way to detect when commercial publishers copy their GPL-licensed code verbatim into store-listed extensions. Existing license-compliance tools (FOSSA, Black Duck, Snyk) operate in CI/CD pipelines and require the scanner to have access to private repos — they do not crawl public extension stores or compare published extension bundles against known open-source codebases. This tool automates the discovery pipeline: crawl store listings, unpack extension bundles, fingerprint code, and alert original authors when a statistically significant match against their GPL repo is found.
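The fingerprinting and comparison step of that pipeline (tokenise, normalise, winnow, compare), as an added Python example that is not part of this listing or of any tool it names; the k-gram and window sizes, the winnowing scheme, the keyword set and the sample JavaScript are all assumptions chosen for illustration:

```python
import hashlib
import re

# Winnowing parameters (assumed): any shared run of KGRAM+WINDOW-1 = 8 tokens is found.
KGRAM, WINDOW = 5, 4
_KEYWORDS = {"function", "return", "let", "const", "var", "new", "this", "null", "if", "else"}
_TOKEN_RE = re.compile(r"[A-Za-z_$][A-Za-z0-9_$]*|\d+|\S")

def _norm(tok):
    # Keywords and punctuation stay; identifiers become ID, numbers NUM, so that
    # renaming and minification (the usual laundering of copied code) do not hide a match.
    if tok in _KEYWORDS or not (tok[0].isalnum() or tok[0] in "_$"):
        return tok
    return "NUM" if tok[0].isdigit() else "ID"

def tokenize(src):
    # Strip block and line comments before tokenising (license headers get removed too).
    src = re.sub(r"/\*.*?\*/", " ", src, flags=re.S)
    src = re.sub(r"//[^\n]*", " ", src)
    return [_norm(t) for t in _TOKEN_RE.findall(src)]

def fingerprint(src):
    # Winnowing: hash every KGRAM-token shingle, keep the minimum hash of each
    # sliding WINDOW; the result is a small, position-independent fingerprint set.
    toks = tokenize(src)
    hashes = [int.from_bytes(hashlib.blake2b(" ".join(toks[i:i + KGRAM]).encode(),
                                             digest_size=8).digest(), "big")
              for i in range(len(toks) - KGRAM + 1)]
    if not hashes:
        return set()
    return {min(hashes[i:i + WINDOW]) for i in range(max(len(hashes) - WINDOW + 1, 1))}

def containment(repo_src, bundle_src):
    # Fraction of the repo's fingerprints present in the bundle: 1.0 means the whole
    # repo snippet is there, verbatim or renamed; a few percent is ordinary JS overlap.
    repo, bundle = fingerprint(repo_src), fingerprint(bundle_src)
    return len(repo & bundle) / len(repo) if repo else 0.0

# Constructed sample inputs, not real extensions; STORE_BUNDLE embeds a renamed,
# minified copy of the GPL function among its own code, UNRELATED_BUNDLE does not.
GPL_SNIPPET = """// debounce() from a maintainer's GPL-licensed extension
function debounce(fn, wait) {
  let timer = null;
  return function (...args) { clearTimeout(timer); timer = setTimeout(() => fn.apply(this, args), wait); };
}"""
STORE_BUNDLE = """const cache = new Map();
export function get(key) { return cache.get(key); }
function d(f,w){let t=null;return function(...a){clearTimeout(t);t=setTimeout(()=>f.apply(this,a),w);};}"""
UNRELATED_BUNDLE = """const cache = new Map();
export function get(key) { return cache.get(key); }
export function size() { return cache.size; }"""
```

A real scanner would run `containment` per repo file against every script in an unpacked bundle and only alert above a threshold calibrated on known-unrelated extensions, since short idiomatic runs (wrappers, boilerplate) produce small non-zero scores on their own.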

Demand Breakdown: HN 1,501

Gap Assessment

Competitive: Multiple tools exist but differentiation opportunities remain

4 tools exist (FOSSA, Black Duck (Synopsys), Snyk Open Source, Developer License Detector (Chrome extension)), but gaps remain: does not crawl browser extension stores; requires the scanner to have repo access; has no code-similarity fingerprinting for detecting copied bundles in the wild; enterprise-only pricing; no store-crawling or extension-bundle diffing; not accessible to indie open-source maintainers; no outbound violation-alerting workflow.

Features (7 agent-ready prompts)

Extension store crawler and bundle unpacker
Code fingerprinting and similarity engine
Author registry and alert system
Violation report and evidence package generator
Public violation index and watchlist
Chrome and Firefox extension for real-time store-page flagging
Monetized compliance API for enterprise extension audits

Competitive Landscape (FREE)

Product: FOSSA
  Does: Scans dependency trees in CI/CD pipelines for license violations; generates SBOMs; policy enforcement on private and public repos.
  Missing: Does not crawl browser extension stores; requires scanner to have repo access; has no code-similarity fingerprinting for detecting copied bundles in the wild.

Product: Black Duck (Synopsys)
  Does: Enterprise SCA tool that scans binaries, repos, and containers for open-source components and license obligations.
  Missing: Enterprise-only pricing; no store-crawling or extension-bundle diffing; not accessible to indie open-source maintainers; no outbound violation-alerting workflow.

Product: Snyk Open Source
  Does: Dependency scanning and license compliance integrated into developer workflows; flags copyleft licenses in dependency trees.
  Missing: No extension-store crawler; focuses on dependency-level license flags, not code-similarity detection; cannot identify when a third party has already copied and republished your code.

Product: Developer License Detector (Chrome extension)
  Does: Scans web pages to identify JavaScript libraries and their licenses for developer use during browsing.
  Missing: Passive page-scanning only; no code-similarity fingerprinting; no systematic crawl of the extension store; no author-side alert system.

Leads (218, BUILDER)

@extesy
@DirkH
@slowmovintarget
@tzs
@Drakim
@stackskipton
@throwaway48476
@chasebank
218 people already want this