Nice — putting the docs/examples directly in the thread already makes it much easier to try. I’d add one curl example and a short note about rate limits / uptime near the top too, because that is usually enough to turn curiosity into first real usage.
If you want more people to actually test it, put the base URL plus 2-3 copy-paste examples and one sample JSON response right at the top. "No auth + CORS enabled" is a strong hook, but dev adoption usually depends on how fast someone can make their first successful request.
Nice niche. A really strong next step would be a risk-summary layer: not just which permissions are requested, but why each one is sensitive, common legitimate use cases, and a simple investigate/high-risk/probably-fine verdict. Raw lists help devs; explanations help normal users.
The privacy-first angle is exactly right. I built an open-source Twitter unfollow manager with the same philosophy - all processing happens locally in the browser, zero external calls. The Web Store review process does not catch permission abuse, which is why minimal permissions plus a transparent README matter more than any badge. Good luck with the CI/CD integration.