Changelog

ShipKit is now Mizzen, with a whole new Security category.

• ShipKit is now Mizzen: same app, new name and a new sail icon. Your license, watched sites, and settings carry over untouched.
• New Security category, 21 pre-launch checks: clickjacking protection, session-cookie HttpOnly/Secure/SameSite, exposed API keys in your page and JS bundles, password forms over http, public /.git or /.env files, framework debug pages, exposed source maps, and weak security headers.
• Email and domain safety: flags a missing DMARC or SPF record so no one can spoof your domain, and warns when your TLS certificate is about to expire.
• Subdomain-takeover detection for dangling DNS that still points at an unclaimed host.
• Light, Dark, or System appearance switch in the menu-bar footer, with a matching monochrome menu-bar sail.

Per-page checks, a bigger checklist, and updates that just happen.

• Whole-site scans check each page as its own type, a waitlist, store, docs page, or portfolio each get the checks that matter for them.
• Watch a site after you scan it and get notified the moment a passing check starts failing or the site goes down.
• Copy for AI: one prompt with every issue and its fix, ready to paste into Claude, Cursor, or ChatGPT.
• Background self-updates, branded client PDF export, and a faster scanner that stops tripping CDN rate limits.