Script inventory

Track every script your site depends on and see when that surface changes.

Consepo inventories first-party and third-party script origins discovered during scanning so teams can review dependencies, drift, and CSP implications from one place.

Scripts are often the highest-risk resource class in a CSP rollout. A maintained inventory makes it easier to review who is executing code on your pages and why each origin is allowed.

  • Capture script origins during real browser scans.
  • See which pages and flows introduce each dependency.
  • Use the inventory to justify or tighten script-src decisions.
Run a free scan See plans

Need the standard behind the workflow? Read the W3C CSP Level 3 specification.

Consepo Workflow

Inventory coverage

  • 1First-party and third-party script source tracking
  • 2Page-level attribution for discovered dependencies
  • 3Drift review between scans and releases
  • 4Policy guidance for script-src refinement

Understand your executable footprint

A script inventory clarifies which vendors and internal bundles are part of the site experience today, not six releases ago.

Review change over time

Repeated scans surface newly introduced script sources so teams can decide whether each one belongs in the policy.

Tighten script-src with evidence

Because each source is tied back to pages and scans, teams can remove stale allowances with less risk.

Workflow

How this fits the Consepo rollout

Step 1

Discover script dependencies during scans

Consepo records the origins and loading patterns needed by each rendered page in the crawl set.

Step 2

Review newly introduced sources

Compare current and prior scan output to spot third-party additions, vendor changes, or unexplained drift.

Step 3

Align the inventory with policy

Use the discovered script set to justify a tighter script-src directive and remove stale allowances over time.

Deliverables

What teams get out of it

  • A living record of script origins observed in the browser
  • Release-to-release visibility into dependency drift
  • Better context for tightening and maintaining script-src

Related feature paths

Keep this feature connected to the broader CSP rollout.

These pages help visitors move between the feature detail, the full feature set, and the solution paths where the feature is most useful.

Next step

Scan the site, review the evidence, and move toward an enforceable CSP.

Consepo is built to help teams go from first crawl to stable policy rollout without guessing which sources belong in the final header.

Create accountBack to overview