Transparency
Last updated: March 2026
Our commitment
Okeeo is committed to transparency about its search, security and information verification methods. This page describes how we protect users and how we flag potentially problematic content.
1. Technical security
We apply a “Security by Design” approach: • Sanitisation of displayed snippets to prevent injection (XSS) • Request rate limiting per IP to prevent abuse • Strict input validation (max 512 characters) • Content Security Policy (CSP) to restrict script and style sources • CORS restricted to allowed origins in production
2. Site integrity
We detect signals during crawling and cross-check open lists (OpenPhish, URLhaus, etc.) via a local file updated by script: • Final redirect to a domain outside the followed source • iframes loaded from external domains in the page HTML • Domains on the blocklist (malware / phishing) • Warning banner on affected results (suspicious or compromised) • We do not remove search results: we inform, we do not censor. • If a warning seems unjustified, contact us via section 4 below.
3. Fact-checking
We integrate several verification mechanisms: • Source type indicator on each result (institutional, press, academic, fact-checker, public service, culture & heritage) • Automatic extraction of ClaimReview data (Schema.org) from crawled pages • Cross-referencing with European fact-checks (EDMO, Google Fact Check Tools API) • "Available fact-checks" panel when fact-checks exist on the topic • Any veracity indication links to the original source (AFP Fact Check, Maldita, Correctiv, etc.) • Recognised fact-checker domains (IFCN/EFCSN signatories) receive a ranking boost.
4. Your feedback matters
If you believe an integrity warning is wrong or too strict (e.g. an institutional site flagged as suspicious), write to us. Your feedback helps us refine lists and crawl signals.
Choose a channel: email opens your mail client with a template; the GitHub link only appears if the project configures it.