The Spanner logo

    Introducing Feedworm: A Privacy-First RSS Reader That Lives in DevTools

    By Gareth Heyes (@hackvertor)

    Published just now • Last updated January 22, 2026 ⏱️ 4 min read

    Back to articles

    Feedworm!

    I've been using RSS readers for years. They're the best way to keep up with blogs, news sites, and security research without being at the mercy of algorithmic feeds. But every time I found a reader I liked, the same thing happened: it got acquired, shut down, or started harvesting data.

    So I built my own.

    Why Another RSS Reader?

    The answer is simple: I wanted something I could trust.

    Every cloud-based RSS reader stores your reading habits on their servers. They know what you read, when you read it, and how often you visit certain sites. That data is valuable, and eventually, someone decides to monetize it. Or the company gets sold. Or the service just disappears.

    I wanted a reader that:

    • Stores everything locally - No accounts, no servers, no data leaving my browser
    • Can't be sold - Because there's nothing to sell
    • Just works - No bloat, no social features, no "AI-powered recommendations"

    Feedworm does exactly that.

    What Makes Feedworm Different

    It Lives in DevTools

    This might seem unusual, but it's actually perfect. As a security researcher, I have DevTools open constantly. Having my feeds right there means I can check them without switching contexts or opening another app.

    The DevTools panel gives you a clean, distraction-free reading experience. No browser chrome, no notifications, just your feeds.

    Smart Feed Detection

    When you visit a site with an RSS or Atom feed, Feedworm finds it automatically. Click the extension icon, and you'll see all detected feeds ready to subscribe. No hunting through page source or guessing feed URLs.

    Already subscribed to a feed? Feedworm shows it greyed out so you don't accidentally add duplicates.

    Intelligent Category Suggestions

    Here's a feature I'm particularly proud of. When adding a feed, Feedworm analyzes the page content - meta tags, headings, and body text - to suggest relevant category names. It uses word frequency analysis with stop word filtering to surface meaningful terms.

    Visit a security blog? It might suggest "Security", "Vulnerability", or "Research". A tech news site? "Technology", "Software", "Programming". You can use a suggestion or type your own.

    Engagement-Based Sorting

    Feeds and categories are sorted by how often you actually read them. The content you care about most rises to the top automatically. You can also sort by date added or alphabetically if you prefer.

    Your sorting preferences persist across sessions - Feedworm remembers how you like things organized.

    Everything Stays Local

    All your feeds, read states, click counts, and preferences are stored in Chrome's local storage. Nothing is sent anywhere. When you close your browser, your data stays on your machine.

    This also means Feedworm works offline for reading previously fetched content.

    How to Use It

    Adding Feeds

    1. Navigate to any site with an RSS/Atom feed
    2. Click the Feedworm icon in your toolbar
    3. Select the feeds you want from the detected list
    4. Pick a category (or use a suggestion)
    5. Click "Add to Feedworm"

    Reading Feeds

    1. Open DevTools (F12)
    2. Click the "Feedworm" tab
    3. Browse categories in the sidebar
    4. Click a feed to see its items
    5. Click an item to open it

    Staying Organized

    • Use the search box to filter across all feeds
    • Sort categories by total engagement or alphabetically
    • Sort feeds by clicks, date, or name
    • Unread counts show at a glance what's new

    Feeds refresh automatically once per day, with randomized timing to avoid hammering servers.

    Security Considerations

    Since I built this for my own use as a security researcher, I paid attention to the details:

    • URL validation - Feed URLs must be HTTPS (or HTTP for local testing)
    • Message origin validation - All internal messaging validates the sender
    • No external dependencies - Pure vanilla JavaScript, no third-party libraries
    • Minimal permissions - Only what's strictly necessary

    Get Feedworm

    Feedworm is open source and free. Clone the repository, load it as an unpacked extension, and you're ready to go.

    No account required. No data collected. No acquisition risk.

    Just a simple RSS reader that respects your privacy.

    You can grab the source from Github. It should be released to the Chrome web store soon.

    Made by Gareth Heyes

    Back to articles