A Chrome extension that detects parasitic lead magnets on LinkedIn β posts that gate access to content the author didn't create.
Some LinkedIn "creators" take official documentation, open-source projects, or public tutorials, repackage them in a post, then hide the link behind engagement bait: "Comment π₯ and I'll send you the resource!"
The link is public. The content isn't theirs. They're farming engagement on someone else's work.
CΓ©sar detects these posts and helps you share the original source directly.
CΓ©sar uses a 3-layer confidence scoring model:
Scans every post in your feed for two combined signals:
- Third-party attribution: the post references a product, tool, or project created by someone else
- Gating CTA: the post gates access behind comments, DMs, likes, or follows
Both axes must fire. A post that gates its own content (legitimate lead magnet) is not flagged.
Four heuristics that don't require AI:
| Signal | What it detects | Max points |
|---|---|---|
| Comment bait | 60%+ of comments are single emojis/keywords (π₯, "interested", "me") | +15 |
| Public URL | Post mentions a GitHub repo, npm package, or official docs site | +10 |
| Author mismatch | Author mentions Google but doesn't work at Google | +10 |
| Post structure | Hype intro β feature list β CTA hidden at end | +5 |
If an API key is configured, posts above 30% are sent to an LLM that answers the real question: "Did the author create this content, or just repackage something public?"
The LLM also generates a suggested comment with the original source and the CΓ©sar signature.
| Score | Without API key | With API key |
|---|---|---|
| < 30% | Ignored | Ignored |
| 30-49% | Nothing shown | LLM must confirm (pending badge) |
| 50-75% | Badge shown (capped) | Badge shown + LLM enriches |
| 75-99% | β | Only reachable with LLM confirmation |
| Provider | Model | Cost (per 1M tokens) | Key prefix |
|---|---|---|---|
| Anthropic | Haiku 4.5 | $1 / $5 | sk-ant- |
| OpenAI | GPT-5 mini | $0.25 / $2 | sk- |
| Gemini 3 Flash | $0.50 / $3 | AIza |
|
| xAI | Grok 4.1 Fast | $0.20 / $0.50 | xai- |
The provider is auto-detected from the API key prefix. Prompt caching is enabled for Anthropic (saves ~90% on repeated calls).
git clone https://github.com/bastiensoret/Cesar.git
cd Cesar
npm install
npm run build- Open Chrome β
chrome://extensions/ - Enable Developer mode (toggle top right)
- Click Load unpacked
- Select the
dist/folder - Go to linkedin.com/feed and scroll
Click the CΓ©sar icon in the Chrome toolbar:
- Toggle Web search if you want AI-powered source lookup (requires API key)
- Open Settings β select your provider β paste your API key
- The provider is auto-detected from the key prefix
Without an API key, CΓ©sar works in regex-only mode (capped at 75%).
Cesar/
βββ manifest.json # Chrome Extension Manifest V3
βββ build.js # esbuild bundler (dev/build/package)
βββ src/
β βββ content/ # Content script β detection engine + overlay injection
β βββ background/ # Service worker β multi-LLM API routing + prompt caching
β βββ popup/ # Extension popup UI (HTML + CSS + JS)
β βββ debug/ # MAIN world bridge for console debugging
β βββ shared/ # Utilities shared across modules
βββ static/
β βββ icons/ # Extension icons (16, 48, 128)
β βββ overlay.css # Dark blue badge styles
βββ store-assets/ # Chrome Web Store assets (screenshots, promo tile)
βββ tests/ # Vitest unit tests with jsdom
βββ dist/ # Build output (gitignored)
- Manifest V3: content scripts run in isolated world,
debug.jsruns in MAIN world for console access - No backend: all API calls go directly from the extension to LLM providers. No server to maintain.
- Prompt caching: Anthropic's
cache_control: ephemeralcaches the system prompt across calls - Two-axis detection: a post must have BOTH a gating CTA AND a third-party reference to be flagged
- Layered scoring: regex alone can never say "parasitic" β it can only say "suspicious"
When a post is flagged, CΓ©sar injects a dark blue badge with:
- Header: CΓ©sar name + reason (truncated 40 chars) + confidence % + AI/no-AI badge
- Detail rows: what's gated + original source (LLM mode) or detection signals (regex mode)
- Comment section (LLM mode, collapsible): pre-generated comment with source + "Detected by CΓ©sar ποΈ" signature
- Feedback buttons: Confirm / Partial / False positive
The badge appears at the bottom of the post β you read the post first, then see the verdict.
Open Chrome DevTools console (F12) on LinkedIn:
// Enable debug logging
__cesar.enableDebug()
// Force re-scan all posts
__cesar.rescan()
// Test regex detection on a text string
__cesar.test("Google just released something amazing! Comment π₯ and I'll send you the link")
// View scan stats
__cesar.stats()Debug logs show the full layer breakdown:
[CΓ©sar] L2 Score: 62% (cap 75% (no AI)) | Major company launch mentioned + Asks to comment an emoji
L1 regex: TP=65 CTA=80 β 36%
L2 behavioral: +26pts β comments +15, public URL +10, mismatch +10
- Web search integration (LLM with internet access for verified source URLs)
- Backend + database for storing detections
- Recidivist leaderboard (most flagged accounts)
- Community-submitted source directory
- Shared flagging (if 3+ users flag same post, instant detection)
- Firefox support (WebExtension API)
- Landing page
- LinkedIn post template for spreading awareness
This is an open-source community tool. Contributions welcome:
- Fork the repo
- Create a feature branch (
git checkout -b feature/my-feature) - Test on your LinkedIn feed
- Submit a PR with before/after screenshots
- Regex patterns: more languages (DE, ES, PT, NL), edge cases
- LinkedIn DOM selectors: these break frequently, need monitoring
- LLM prompt tuning: reducing false positives on legitimate lead magnets
- Comment pre-fill: LinkedIn's contenteditable is fragile, needs robust injection
MIT β Give back to CΓ©sar β‘