diff --git a/docs/content/docs/1.guides/3.consent.md b/docs/content/docs/1.guides/3.consent.md
index 4261b90d..21953542 100644
--- a/docs/content/docs/1.guides/3.consent.md
+++ b/docs/content/docs/1.guides/3.consent.md
@@ -1,51 +1,48 @@
 ---
 title: Consent Management
-description: Learn how to get user consent before loading scripts.
+description: Gate scripts behind user consent and drive vendor-native consent APIs through a typed per-script `consent` object.
 ---
 
 ::callout{icon="i-heroicons-play" to="https://stackblitz.com/github/nuxt/scripts/tree/main/examples/cookie-consent" target="_blank"}
 Try the live [Cookie Consent Example](https://stackblitz.com/github/nuxt/scripts/tree/main/examples/cookie-consent) or [Granular Consent Example](https://stackblitz.com/github/nuxt/scripts/tree/main/examples/granular-consent) on [StackBlitz](https://stackblitz.com).
 ::
 
-## Background
+## Two complementary primitives
 
-Many third-party scripts include tracking cookies that require user consent under privacy laws. Nuxt Scripts simplifies this process with the [`useScriptTriggerConsent()`{lang="ts"}](/docs/api/use-script-trigger-consent){lang="ts"} composable, allowing scripts to load only after you receive user consent.
+Nuxt Scripts ships two consent primitives that work together:
 
-## Usage
+1. **[`useScriptTriggerConsent()`{lang="ts"}](/docs/api/use-script-trigger-consent)**: a binary load gate. The script only starts loading after consent is granted.
+2. **Per-script `consent` object** returned from every consent-aware `useScriptX()`{lang="ts"}. A vendor-native, typed API for granting, revoking, or updating consent categories at runtime. Paired with each script's `defaultConsent` option for the initial policy applied *before* the vendor's init call.
 
-The [`useScriptTriggerConsent()`{lang="ts"}](/docs/api/use-script-trigger-consent){lang="ts"} composable offers flexible interaction options suitable for various scenarios.
+Each vendor exposes its own consent dialect (Google Consent Mode v2 for GA/GTM/Bing, binary grant/revoke for Meta, three-state for TikTok, `setConsentGiven`/`forgetConsentGiven` for Matomo, `opt_in`/`opt_out` for Mixpanel/PostHog, cookie toggle for Clarity). You wire each explicitly.
 
-See the [API](/docs/api/use-script-trigger-consent) docs for full details on the available options.
+## Binary load gate
 
-### Accepting as a Function
-
-The easiest way to make use of [`useScriptTriggerConsent()`{lang="ts"}](/docs/api/use-script-trigger-consent){lang="ts"} is by invoking the `accept` method when user consent is granted.
-
-For an example of how you might lay out your code to handle this, see the following:
+The simplest usage matches the classic cookie-banner flow: load the script only after the user clicks accept.
 
 ::code-group
 
 ```ts [utils/cookie.ts]
-export const agreedToCookiesScriptConsent = useScriptTriggerConsent()
+export const scriptsConsent = useScriptTriggerConsent()
 ```
 
 ```vue [app.vue]
 <script setup lang="ts">
-import { agreedToCookiesScriptConsent } from '#imports'
+import { scriptsConsent } from '#imports'
 
 useScript('https://www.google-analytics.com/analytics.js', {
-  trigger: agreedToCookiesScriptConsent
+  trigger: scriptsConsent,
 })
 </script>
 ```
 
 ```vue [components/cookie-banner.vue]
 <script setup lang="ts">
-import { agreedToCookiesScriptConsent } from '#imports'
+import { scriptsConsent } from '#imports'
 </script>
 
 <template>
-  <button @click="agreedToCookiesScriptConsent.accept()">
+  <button @click="scriptsConsent.accept()">
     Accept Cookies
   </button>
 </template>
@@ -53,56 +50,183 @@ import { agreedToCookiesScriptConsent } from '#imports'
 
 ::
 
-### Accepting as a resolvable boolean
+### Reactive source
 
-Alternatively, you can pass a reactive reference to the consent state to the [`useScriptTriggerConsent()`{lang="ts"}](/docs/api/use-script-trigger-consent){lang="ts"} composable. This will automatically load the script when the consent state is `true`.
+Pass a `Ref<boolean>`{lang="html"} if an external store owns the state.
 
 ```ts
 const agreedToCookies = ref(false)
-useScript('https://www.google-analytics.com/analytics.js', {
-  trigger: useScriptTriggerConsent({
-    consent: agreedToCookies
-  })
-})
+const consent = useScriptTriggerConsent({ consent: agreedToCookies })
 ```
 
-### Revoking Consent
+### Revoking
 
-You can revoke consent after it has been granted using the `revoke` method. Use the reactive `consented` ref to track the current consent state.
-
-```vue [components/cookie-banner.vue]
-<script setup lang="ts">
-import { agreedToCookiesScriptConsent } from '#imports'
-</script>
+Consent revocation flips the reactive `consented` ref. Once the load-gate promise has resolved the script has loaded; watch `consented` if you need to tear down on revoke.
 
+```vue
 <template>
-  <div v-if="agreedToCookiesScriptConsent.consented.value">
-    <p>Cookies accepted</p>
-    <button @click="agreedToCookiesScriptConsent.revoke()">
+  <div v-if="scriptsConsent.consented.value">
+    <button @click="scriptsConsent.revoke()">
       Revoke Consent
     </button>
   </div>
-  <button v-else @click="agreedToCookiesScriptConsent.accept()">
+  <button v-else @click="scriptsConsent.accept()">
     Accept Cookies
   </button>
 </template>
 ```
 
-### Delaying script load after consent
+### Delaying the load after consent
+
+```ts
+const consent = useScriptTriggerConsent({
+  consent: agreedToCookies,
+  postConsentTrigger: () => new Promise<void>(resolve =>
+    setTimeout(resolve, 3000),
+  ),
+})
+```
 
-There may be instances where you want to trigger the script load after a certain event, only if the user has consented.
+## Per-script consent API
 
-For this you can use the `postConsentTrigger`, which shares the same API as `trigger` from the [`useScript()`{lang="ts"}](/docs/api/use-script){lang="ts"} composable.
+Every consent-aware `useScriptX()`{lang="ts"} returns a `consent` object typed to the vendor's native API. Combine it with `defaultConsent` for the initial policy (applied in `clientInit` before the vendor fires its first call) and call `consent.*` from your cookie banner to update.
 
 ```ts
-const agreedToCookies = ref(false)
-useScript('https://www.google-analytics.com/analytics.js', {
-  trigger: useScriptTriggerConsent({
-    consent: agreedToCookies,
-    // load 3 seconds after consent is granted
-    postConsentTrigger: () => new Promise<void>(resolve =>
-      setTimeout(resolve, 3000),
-    ),
+const { consent } = useScriptGoogleAnalytics({
+  id: 'G-XXXXXXXX',
+  defaultConsent: { ad_storage: 'denied', analytics_storage: 'denied' },
+})
+
+function onAcceptAll() {
+  consent.update({
+    ad_storage: 'granted',
+    ad_user_data: 'granted',
+    ad_personalization: 'granted',
+    analytics_storage: 'granted',
   })
+}
+```
+
+### Per-vendor surface
+
+| Script | `defaultConsent` | Runtime `consent.*` |
+|---|---|---|
+| Google Analytics | `Partial<ConsentState>`{lang="html"} (GCMv2) | `consent.update(state)`{lang="ts"} |
+| Google Tag Manager | `Partial<ConsentState>`{lang="html"} (GCMv2) | `consent.update(state)`{lang="ts"} |
+| Bing UET | `{ ad_storage }` | `consent.update({ ad_storage })`{lang="ts"} |
+| Meta Pixel | `'granted' \| 'denied'` | `consent.grant()`{lang="ts"} / `consent.revoke()`{lang="ts"} |
+| TikTok Pixel | `'granted' \| 'denied' \| 'hold'` | `consent.grant()`{lang="ts"} / `consent.revoke()`{lang="ts"} / `consent.hold()`{lang="ts"} |
+| Matomo | `'required' \| 'given' \| 'not-required'` | `consent.give()`{lang="ts"} / `consent.forget()`{lang="ts"} *(requires `defaultConsent: 'required'` or `'given'`)* |
+| Mixpanel | `'opt-in' \| 'opt-out'` | `consent.optIn()`{lang="ts"} / `consent.optOut()`{lang="ts"} |
+| PostHog | `'opt-in' \| 'opt-out'` | `consent.optIn()`{lang="ts"} / `consent.optOut()`{lang="ts"} |
+| Clarity | `boolean \| Record<string, string>`{lang="html"} | `consent.set(value)`{lang="ts"} |
+
+See each script's registry page for notes on lossy projections and vendor caveats.
+
+### Fanning out to multiple scripts
+
+When one cookie banner drives several vendors, wire them explicitly in your accept handler. No magic, fully typed, no lossy remapping:
+
+```ts
+const ga = useScriptGoogleAnalytics({ id: 'G-XXX', defaultConsent: { ad_storage: 'denied', analytics_storage: 'denied' } })
+const meta = useScriptMetaPixel({ id: '123', defaultConsent: 'denied' })
+const matomo = useScriptMatomoAnalytics({ cloudId: 'foo.matomo.cloud', defaultConsent: 'required' })
+
+function onAcceptAll() {
+  ga.consent.update({
+    ad_storage: 'granted',
+    ad_user_data: 'granted',
+    ad_personalization: 'granted',
+    analytics_storage: 'granted',
+  })
+  meta.consent.grant()
+  matomo.consent.give()
+}
+
+function onDeclineAll() {
+  meta.consent.revoke()
+  matomo.consent.forget()
+}
+```
+
+### Granular categories
+
+If users can toggle categories individually (analytics, marketing, functional), the same pattern applies; each script gets only the categories it understands:
+
+```ts
+function savePreferences(choices: { analytics: boolean, marketing: boolean }) {
+  ga.consent.update({
+    analytics_storage: choices.analytics ? 'granted' : 'denied',
+    ad_storage: choices.marketing ? 'granted' : 'denied',
+    ad_user_data: choices.marketing ? 'granted' : 'denied',
+    ad_personalization: choices.marketing ? 'granted' : 'denied',
+  })
+  if (choices.marketing)
+    meta.consent.grant()
+  else meta.consent.revoke()
+  if (choices.analytics)
+    matomo.consent.give()
+  else matomo.consent.forget()
+}
+```
+
+## Third-party CMP recipes
+
+When a dedicated Consent Management Platform owns the UI, bridge its events into each script's `consent` API.
+
+### OneTrust
+
+```ts
+const ga = useScriptGoogleAnalytics({ id: 'G-XXX', defaultConsent: { ad_storage: 'denied', analytics_storage: 'denied' } })
+const meta = useScriptMetaPixel({ id: '123', defaultConsent: 'denied' })
+
+onNuxtReady(() => {
+  function apply() {
+    const groups = (window as any).OnetrustActiveGroups as string | undefined
+    if (!groups)
+      return
+    const analytics = groups.includes('C0002')
+    const marketing = groups.includes('C0004')
+    ga.consent.update({
+      analytics_storage: analytics ? 'granted' : 'denied',
+      ad_storage: marketing ? 'granted' : 'denied',
+      ad_user_data: marketing ? 'granted' : 'denied',
+      ad_personalization: marketing ? 'granted' : 'denied',
+    })
+    if (marketing)
+      meta.consent.grant()
+    else meta.consent.revoke()
+  }
+
+  apply()
+  window.addEventListener('OneTrustGroupsUpdated', apply)
+})
+```
+
+### Cookiebot
+
+```ts
+const ga = useScriptGoogleAnalytics({ id: 'G-XXX', defaultConsent: { ad_storage: 'denied', analytics_storage: 'denied' } })
+const meta = useScriptMetaPixel({ id: '123', defaultConsent: 'denied' })
+
+onNuxtReady(() => {
+  function apply() {
+    const cb = (window as any).Cookiebot
+    if (!cb?.consent)
+      return
+    ga.consent.update({
+      analytics_storage: cb.consent.statistics ? 'granted' : 'denied',
+      ad_storage: cb.consent.marketing ? 'granted' : 'denied',
+      ad_user_data: cb.consent.marketing ? 'granted' : 'denied',
+      ad_personalization: cb.consent.marketing ? 'granted' : 'denied',
+    })
+    if (cb.consent.marketing)
+      meta.consent.grant()
+    else meta.consent.revoke()
+  }
+
+  apply()
+  window.addEventListener('CookiebotOnAccept', apply)
+  window.addEventListener('CookiebotOnDecline', apply)
 })
 ```
diff --git a/docs/content/scripts/bing-uet.md b/docs/content/scripts/bing-uet.md
index da016ea1..47103fe9 100644
--- a/docs/content/scripts/bing-uet.md
+++ b/docs/content/scripts/bing-uet.md
@@ -57,22 +57,18 @@ function trackSignup() {
 
 ### Consent Mode
 
-Bing UET supports [advanced consent mode](https://help.ads.microsoft.com/#apex/ads/en/60119/1-500). Use `onBeforeUetStart` to set the default consent state before the script loads. If consent is denied, UET only sends anonymous data.
+Bing UET supports [advanced consent mode](https://help.ads.microsoft.com/#apex/ads/en/60119/1-500). Only `ad_storage` is honoured; set the initial state with `defaultConsent` and update at runtime via `consent.update()`{lang="ts"}:
 
 ```vue
 <script setup lang="ts">
-const { proxy } = useScriptBingUet({
-  onBeforeUetStart(uetq) {
-    uetq.push('consent', 'default', {
-      ad_storage: 'denied',
-    })
-  },
+const { consent } = useScriptBingUet({
+  defaultConsent: { ad_storage: 'denied' },
 })
 
 function grantConsent() {
-  proxy.uetq.push('consent', 'update', {
-    ad_storage: 'granted',
-  })
+  consent.update({ ad_storage: 'granted' })
 }
 </script>
 ```
+
+`onBeforeUetStart` remains available for any other pre-load setup.
diff --git a/docs/content/scripts/clarity.md b/docs/content/scripts/clarity.md
index bd9f3004..8fbc7b23 100644
--- a/docs/content/scripts/clarity.md
+++ b/docs/content/scripts/clarity.md
@@ -18,3 +18,39 @@ links:
 
 ::script-types
 ::
+
+## Consent Mode
+
+Clarity supports a cookie consent toggle (boolean) or an advanced consent vector (record). Set the initial value with `defaultConsent` and call `consent.set()`{lang="ts"} at runtime:
+
+```vue
+<script setup lang="ts">
+const { consent } = useScriptClarity({
+  id: 'YOUR_PROJECT_ID',
+  defaultConsent: false, // disable cookies until user opts in
+})
+
+function acceptAnalytics() {
+  consent.set(true)
+}
+</script>
+```
+
+`consent.set()`{lang="ts"} also accepts Clarity's advanced consent vector for fine-grained cookie categories:
+
+```ts
+const { consent } = useScriptClarity({
+  id: 'YOUR_PROJECT_ID',
+  defaultConsent: {
+    ad_storage: 'denied',
+    analytics_storage: 'granted',
+  },
+})
+
+consent.set({
+  ad_storage: 'granted',
+  analytics_storage: 'granted',
+})
+```
+
+See [Clarity cookie consent](https://learn.microsoft.com/en-us/clarity/setup-and-installation/cookie-consent) for details.
diff --git a/docs/content/scripts/google-analytics.md b/docs/content/scripts/google-analytics.md
index 858539c8..5dbcc5ee 100644
--- a/docs/content/scripts/google-analytics.md
+++ b/docs/content/scripts/google-analytics.md
@@ -30,6 +30,44 @@ proxy.gtag('event', 'page_view')
 
 The proxy exposes the `gtag` and `dataLayer` properties, and you should use them following Google Analytics best practices.
 
+### Consent Mode
+
+Google Analytics natively consumes [GCMv2 consent state](https://developers.google.com/tag-platform/security/guides/consent). Set the default with `defaultConsent` (fires `gtag('consent', 'default', ...)`{lang="ts"} before `gtag('js', ...)`{lang="ts"}) and call `consent.update()`{lang="ts"} at runtime:
+
+```vue
+<script setup lang="ts">
+const { consent } = useScriptGoogleAnalytics({
+  id: 'G-XXXXXXXX',
+  defaultConsent: {
+    ad_storage: 'denied',
+    ad_user_data: 'denied',
+    ad_personalization: 'denied',
+    analytics_storage: 'denied',
+  },
+})
+
+function acceptAll() {
+  consent.update({
+    ad_storage: 'granted',
+    ad_user_data: 'granted',
+    ad_personalization: 'granted',
+    analytics_storage: 'granted',
+  })
+}
+
+function savePreferences(choices: { analytics: boolean, marketing: boolean }) {
+  consent.update({
+    analytics_storage: choices.analytics ? 'granted' : 'denied',
+    ad_storage: choices.marketing ? 'granted' : 'denied',
+    ad_user_data: choices.marketing ? 'granted' : 'denied',
+    ad_personalization: choices.marketing ? 'granted' : 'denied',
+  })
+}
+</script>
+```
+
+`consent.update()`{lang="ts"} accepts any `Partial<ConsentState>`{lang="ts"}; missing categories stay at their current value. For pre-`gtag('js')`{lang="ts"} setup beyond consent defaults, `onBeforeGtagStart` remains available as a general escape hatch.
+
 ### Customer/Consumer ID Tracking
 
 For e-commerce or multi-tenant applications where you need to track customer-specific analytics alongside your main tracking:
diff --git a/docs/content/scripts/google-tag-manager.md b/docs/content/scripts/google-tag-manager.md
index 9e139992..a227e5fb 100644
--- a/docs/content/scripts/google-tag-manager.md
+++ b/docs/content/scripts/google-tag-manager.md
@@ -42,29 +42,15 @@ useScriptEventPage(({ title, path }) => {
 })
 ```
 
-## Configuring GTM before it starts
+## Consent Mode
 
-[`useScriptGoogleTagManager()`{lang="ts"}](/scripts/google-tag-manager){lang="ts"} initializes Google Tag Manager by itself. This means it pushes the `js`, `config` and the `gtm.start` events for you.
-
-If you need to configure GTM before it starts, for example [setting the consent mode](https://developers.google.com/tag-platform/security/guides/consent?consentmode=basic), you have two options:
-
-### Option 1: Using `defaultConsent` in nuxt.config (Recommended)
-
-If you're configuring GTM in `nuxt.config`, use the `defaultConsent` option. See the [Default consent mode](#loading-globally) example above.
-
-### Option 2: Using `onBeforeGtmStart` callback
-
-If you're calling [`useScriptGoogleTagManager()`{lang="ts"}](/scripts/google-tag-manager){lang="ts"} with the ID directly in a component (not in nuxt.config), use the `onBeforeGtmStart` hook which runs right before the `gtm.start` event is pushed.
-
-::callout{icon="i-heroicons-exclamation-triangle" color="warning"}
-`onBeforeGtmStart` only works when the GTM ID is passed directly to [`useScriptGoogleTagManager()`{lang="ts"}](/scripts/google-tag-manager){lang="ts"}, not when configured globally in nuxt.config. For global config, use the `defaultConsent` option instead.
-::
+Google Tag Manager natively consumes [GCMv2 consent state](https://developers.google.com/tag-platform/security/guides/consent?consentmode=basic). Set the default with `defaultConsent` (pushes `['consent','default', state]` onto the dataLayer before the `gtm.js` event) and call `consent.update()`{lang="ts"} at runtime.
 
 ::callout{icon="i-heroicons-play" to="https://stackblitz.com/github/nuxt/scripts/tree/main/examples/cookie-consent" target="_blank"}
 Try the live [Cookie Consent Example](https://stackblitz.com/github/nuxt/scripts/tree/main/examples/cookie-consent) or [Granular Consent Example](https://stackblitz.com/github/nuxt/scripts/tree/main/examples/granular-consent) on [StackBlitz](https://stackblitz.com).
 ::
 
-#### Consent Mode v2 Signals
+### Consent Mode v2 Signals
 
 | Signal | Purpose |
 |--------|---------|
@@ -73,61 +59,46 @@ Try the live [Cookie Consent Example](https://stackblitz.com/github/nuxt/scripts
 | `ad_personalization` | Personalized ads (remarketing) |
 | `analytics_storage` | Cookies for analytics |
 
-#### Updating Consent
+### Example
 
-When the user accepts, call `gtag('consent', 'update', ...)`{lang="ts"}:
+```vue
+<script setup lang="ts">
+const { proxy, consent } = useScriptGoogleTagManager({
+  id: 'GTM-XXXXXX',
+  defaultConsent: {
+    ad_storage: 'denied',
+    ad_user_data: 'denied',
+    ad_personalization: 'denied',
+    analytics_storage: 'denied',
+  },
+})
 
-```ts
-function acceptCookies() {
-  window.gtag?.('consent', 'update', {
+function acceptAll() {
+  consent.update({
     ad_storage: 'granted',
     ad_user_data: 'granted',
     ad_personalization: 'granted',
     analytics_storage: 'granted',
   })
 }
-```
-
-To block GTM until consent, combine with [`useScriptTriggerConsent()`{lang="ts"}](/docs/guides/consent){lang="ts"}.
-
-```vue
-<script setup lang="ts">
-const consent = useState('consent', () => 'denied')
 
-const { proxy } = useScriptGoogleTagManager({
-  onBeforeGtmStart: (gtag) => {
-    // set default consent state to denied
-    gtag('consent', 'default', {
-      ad_user_data: 'denied',
-      ad_personalization: 'denied',
-      ad_storage: 'denied',
-      analytics_storage: 'denied',
-      wait_for_update: 500,
-    })
-
-    // if consent was already given, update gtag accordingly
-    if (consent.value === 'granted') {
-      gtag('consent', 'update', {
-        ad_user_data: consent.value,
-        ad_personalization: consent.value,
-        ad_storage: consent.value,
-        analytics_storage: consent.value
-      })
-    }
-  }
-})
+function savePreferences(choices: { analytics: boolean, marketing: boolean }) {
+  consent.update({
+    analytics_storage: choices.analytics ? 'granted' : 'denied',
+    ad_storage: choices.marketing ? 'granted' : 'denied',
+    ad_user_data: choices.marketing ? 'granted' : 'denied',
+    ad_personalization: choices.marketing ? 'granted' : 'denied',
+  })
+}
 
-// push pageview events to dataLayer
 useScriptEventPage(({ title, path }) => {
-  proxy.dataLayer.push({
-    event: 'pageview',
-    title,
-    path
-  })
+  proxy.dataLayer.push({ event: 'pageview', title, path })
 })
 </script>
 ```
 
+`onBeforeGtmStart` remains available as a general escape hatch for any other pre-`gtm.start` setup (only when the GTM ID is passed directly to the composable, not via `nuxt.config`).
+
 ::script-types
 ::
 
diff --git a/docs/content/scripts/matomo-analytics.md b/docs/content/scripts/matomo-analytics.md
index a9ed6591..6ffbf816 100644
--- a/docs/content/scripts/matomo-analytics.md
+++ b/docs/content/scripts/matomo-analytics.md
@@ -83,6 +83,40 @@ useScriptMatomoAnalytics({
 })
 ```
 
+## Consent Mode
+
+Matomo has a built-in [tracking-consent API](https://developer.matomo.org/guides/tracking-consent) gated by `requireConsent`. Set `defaultConsent` to arm the gate at registration, then call `consent.give()`{lang="ts"} / `consent.forget()`{lang="ts"} at runtime.
+
+### `defaultConsent`
+
+| Value | Behaviour |
+|-------|-----------|
+| `'required'` | Pushes `['requireConsent']`. Nothing is tracked until the user opts in. |
+| `'given'` | Pushes `['requireConsent']` then `['setConsentGiven']`. Tracking starts immediately. |
+| `'not-required'` | Default Matomo behaviour (no consent gating). |
+
+::callout{icon="i-heroicons-exclamation-triangle" color="warning"}
+`consent.give()`{lang="ts"} / `consent.forget()`{lang="ts"} are **no-ops unless `defaultConsent: 'required'` or `'given'` was set at registration** -- Matomo ignores `setConsentGiven` / `forgetConsentGiven` when `requireConsent` hasn't been pushed. A dev-only warning fires if you forget.
+::
+
+### Example
+
+```vue
+<script setup lang="ts">
+const { consent } = useScriptMatomoAnalytics({
+  cloudId: 'YOUR_CLOUD_ID',
+  defaultConsent: 'required',
+})
+
+function onAccept() {
+  consent.give()
+}
+function onRevoke() {
+  consent.forget()
+}
+</script>
+```
+
 ### Using Matomo Whitelabel
 
 For Matomo Whitelabel, set `trackerUrl` and `scriptInput.src` to customize tracking.
diff --git a/docs/content/scripts/meta-pixel.md b/docs/content/scripts/meta-pixel.md
index 22d42463..23d5e290 100644
--- a/docs/content/scripts/meta-pixel.md
+++ b/docs/content/scripts/meta-pixel.md
@@ -20,3 +20,25 @@ Nuxt Scripts provides a registry script composable [`useScriptMetaPixel()`{lang=
 
 ::script-types
 ::
+
+## Consent Mode
+
+Meta Pixel exposes a binary consent toggle. Set the initial state with `defaultConsent` (fires `fbq('consent', 'grant'|'revoke')`{lang="ts"} before `fbq('init', id)`{lang="ts"}) and call `consent.grant()`{lang="ts"} / `consent.revoke()`{lang="ts"} at runtime:
+
+```vue
+<script setup lang="ts">
+const { consent } = useScriptMetaPixel({
+  id: 'YOUR_PIXEL_ID',
+  defaultConsent: 'denied',
+})
+
+function acceptAds() {
+  consent.grant()
+}
+function rejectAds() {
+  consent.revoke()
+}
+</script>
+```
+
+See [Meta's consent docs](https://www.facebook.com/business/help/1151321516677370) for details.
diff --git a/docs/content/scripts/mixpanel-analytics.md b/docs/content/scripts/mixpanel-analytics.md
index 7735708d..b3cc4fe3 100644
--- a/docs/content/scripts/mixpanel-analytics.md
+++ b/docs/content/scripts/mixpanel-analytics.md
@@ -69,3 +69,36 @@ proxy.mixpanel.register({
 })
 </script>
 ```
+
+## Consent Mode
+
+Mixpanel exposes [`opt_in_tracking` / `opt_out_tracking`](https://docs.mixpanel.com/docs/privacy/opt-out-of-tracking). Set the boot-time default with `defaultConsent` and call `consent.optIn()`{lang="ts"} / `consent.optOut()`{lang="ts"} at runtime.
+
+### `defaultConsent`
+
+| Value | Behaviour |
+|-------|-----------|
+| `'opt-in'` | Starts opted in. |
+| `'opt-out'` | Calls `mixpanel.init(..., { opt_out_tracking_by_default: true })`{lang="ts"} so the SDK boots opted out. |
+
+::callout{icon="i-heroicons-information-circle"}
+Use `defaultConsent: 'opt-out'` when you need the SDK to boot opted out. The runtime `consent.optOut()`{lang="ts"} calls `opt_out_tracking()`{lang="ts"} **after** init, which is weaker than the boot-time flag; any events captured between init and the opt-out call are still sent.
+::
+
+### Example
+
+```vue
+<script setup lang="ts">
+const { consent } = useScriptMixpanelAnalytics({
+  token: 'YOUR_TOKEN',
+  defaultConsent: 'opt-out',
+})
+
+function onAccept() {
+  consent.optIn()
+}
+function onRevoke() {
+  consent.optOut()
+}
+</script>
+```
diff --git a/docs/content/scripts/posthog.md b/docs/content/scripts/posthog.md
index 3334e83b..b13e9292 100644
--- a/docs/content/scripts/posthog.md
+++ b/docs/content/scripts/posthog.md
@@ -101,6 +101,54 @@ onLoaded(({ posthog }) => {
 })
 ```
 
+## Consent Mode
+
+PostHog exposes [`opt_in_capturing` / `opt_out_capturing`](https://posthog.com/docs/privacy/opting-out). Set the boot-time default with `defaultConsent` and call `consent.optIn()`{lang="ts"} / `consent.optOut()`{lang="ts"} at runtime.
+
+### `defaultConsent`
+
+| Value | Behaviour |
+|-------|-----------|
+| `'opt-in'` | Calls `posthog.opt_in_capturing()`{lang="ts"} immediately after init. |
+| `'opt-out'` | Calls `posthog.init(..., { opt_out_capturing_by_default: true })`{lang="ts"} so the SDK boots opted out. |
+
+::callout{icon="i-heroicons-information-circle"}
+Use `defaultConsent: 'opt-out'` when you need the SDK to boot opted out. The runtime `consent.optOut()`{lang="ts"} calls `opt_out_capturing()`{lang="ts"} **after** init, which is weaker than the boot-time flag; any events captured between init and the opt-out call are still sent.
+::
+
+### Example
+
+```vue
+<script setup lang="ts">
+const { consent } = useScriptPostHog({
+  apiKey: 'YOUR_API_KEY',
+  defaultConsent: 'opt-out',
+})
+
+function onAccept() {
+  consent.optIn()
+}
+function onRevoke() {
+  consent.optOut()
+}
+</script>
+```
+
+Configuring PostHog globally in `nuxt.config`:
+
+```ts
+export default defineNuxtConfig({
+  scripts: {
+    registry: {
+      posthog: {
+        apiKey: 'YOUR_API_KEY',
+        defaultConsent: 'opt-out',
+      }
+    }
+  }
+})
+```
+
 ## Disabling Session Recording
 
 ```ts
diff --git a/docs/content/scripts/tiktok-pixel.md b/docs/content/scripts/tiktok-pixel.md
index f2787e24..d35513ec 100644
--- a/docs/content/scripts/tiktok-pixel.md
+++ b/docs/content/scripts/tiktok-pixel.md
@@ -48,5 +48,27 @@ export default defineNuxtConfig({
 })
 ```
 
+## Consent Mode
+
+TikTok Pixel exposes a three-state consent API: grant, revoke, or hold (defer the decision). Set the initial state with `defaultConsent` and call `consent.grant()`{lang="ts"} / `consent.revoke()`{lang="ts"} / `consent.hold()`{lang="ts"} at runtime:
+
+```vue
+<script setup lang="ts">
+const { consent } = useScriptTikTokPixel({
+  id: 'YOUR_PIXEL_ID',
+  defaultConsent: 'hold', // 'granted' | 'denied' | 'hold'
+})
+
+function acceptAds() {
+  consent.grant()
+}
+function rejectAds() {
+  consent.revoke()
+}
+</script>
+```
+
+See the [TikTok cookie consent docs](https://business-api.tiktok.com/portal/docs?id=1739585600931842) for the full behaviour.
+
 ::script-types
 ::
diff --git a/examples/cookie-consent/app.vue b/examples/cookie-consent/app.vue
index 6595efd3..11e4c7bb 100644
--- a/examples/cookie-consent/app.vue
+++ b/examples/cookie-consent/app.vue
@@ -1,35 +1,27 @@
 <script lang="ts" setup>
 const showBanner = ref(true)
-const consent = useScriptTriggerConsent()
 
-// Google Tag Manager with Consent Mode v2
-// GTM loads after consent, but we set default denied state first
-useScriptGoogleTagManager({
+const cookiesConsent = useScriptTriggerConsent()
+
+const { consent } = useScriptGoogleTagManager({
   id: 'GTM-DEMO123',
-  scriptOptions: {
-    trigger: consent,
-  },
-  // Set default consent state BEFORE GTM loads
-  onBeforeGtmStart: (gtag) => {
-    gtag('consent', 'default', {
-      ad_storage: 'denied',
-      ad_user_data: 'denied',
-      ad_personalization: 'denied',
-      analytics_storage: 'denied',
-      wait_for_update: 500,
-    })
+  defaultConsent: {
+    ad_storage: 'denied',
+    ad_user_data: 'denied',
+    ad_personalization: 'denied',
+    analytics_storage: 'denied',
   },
+  scriptOptions: { trigger: cookiesConsent },
 })
 
 function accept() {
-  // Update consent state when user accepts
-  window.gtag?.('consent', 'update', {
+  consent.update({
     ad_storage: 'granted',
     ad_user_data: 'granted',
     ad_personalization: 'granted',
     analytics_storage: 'granted',
   })
-  consent.accept()
+  cookiesConsent.accept()
   showBanner.value = false
 }
 
@@ -46,7 +38,7 @@ function decline() {
           Cookie Consent Example
         </h1>
         <p class="text-gray-600 dark:text-gray-400 mb-8">
-          This example shows how to use <code>useScriptTriggerConsent()</code> to defer loading scripts until the user accepts cookies.
+          Gate GTM behind <code>useScriptTriggerConsent()</code>, set a denied default via <code>defaultConsent</code>, and flip categories with the script's own <code>consent.update()</code>.
         </p>
 
         <UCard>
@@ -56,10 +48,10 @@ function decline() {
             </h2>
           </template>
           <ul class="list-disc list-inside space-y-2 text-sm">
-            <li>Uses Google Consent Mode v2 with default denied state</li>
-            <li>GTM loads after consent with <code>onBeforeGtmStart</code> callback</li>
-            <li>Consent state updates via <code>gtag('consent', 'update', ...)</code></li>
-            <li>Open DevTools Network tab to see script load after accepting</li>
+            <li><code>defaultConsent</code> pushes the GCMv2 default into the dataLayer before GTM loads</li>
+            <li><code>useScriptTriggerConsent()</code> blocks the script until the user accepts</li>
+            <li><code>consent.update()</code> pushes a typed GCMv2 update at runtime</li>
+            <li>Open DevTools Network tab to see the script load after accepting</li>
           </ul>
         </UCard>
       </div>
diff --git a/examples/granular-consent/app.vue b/examples/granular-consent/app.vue
index 06b94eaf..9bc92c49 100644
--- a/examples/granular-consent/app.vue
+++ b/examples/granular-consent/app.vue
@@ -2,46 +2,49 @@
 const showBanner = ref(true)
 const showPreferences = ref(false)
 
-// Separate consent triggers for each category
 const analyticsConsent = useScriptTriggerConsent()
 const marketingConsent = useScriptTriggerConsent()
 const functionalConsent = useScriptTriggerConsent()
 
-// Track user preferences
 const preferences = reactive({
   analytics: false,
   marketing: false,
   functional: false,
 })
 
-// Analytics: Google Analytics
-useScriptGoogleAnalytics({
+const ga = useScriptGoogleAnalytics({
   id: 'G-DEMO123456',
-  scriptOptions: {
-    trigger: analyticsConsent,
+  defaultConsent: {
+    ad_storage: 'denied',
+    ad_user_data: 'denied',
+    ad_personalization: 'denied',
+    analytics_storage: 'denied',
   },
+  scriptOptions: { trigger: analyticsConsent },
 })
 
-// Marketing: Meta Pixel
-useScriptMetaPixel({
+const meta = useScriptMetaPixel({
   id: '1234567890',
-  scriptOptions: {
-    trigger: marketingConsent,
-  },
+  defaultConsent: 'denied',
+  scriptOptions: { trigger: marketingConsent },
 })
 
-// Functional: Crisp Chat
 useScriptCrisp({
   id: 'demo-crisp-id',
-  scriptOptions: {
-    trigger: functionalConsent,
-  },
+  scriptOptions: { trigger: functionalConsent },
 })
 
 function acceptAll() {
   preferences.analytics = true
   preferences.marketing = true
   preferences.functional = true
+  ga.consent.update({
+    ad_storage: 'granted',
+    ad_user_data: 'granted',
+    ad_personalization: 'granted',
+    analytics_storage: 'granted',
+  })
+  meta.consent.grant()
   analyticsConsent.accept()
   marketingConsent.accept()
   functionalConsent.accept()
@@ -53,6 +56,16 @@ function declineAll() {
 }
 
 function savePreferences() {
+  ga.consent.update({
+    analytics_storage: preferences.analytics ? 'granted' : 'denied',
+    ad_storage: preferences.marketing ? 'granted' : 'denied',
+    ad_user_data: preferences.marketing ? 'granted' : 'denied',
+    ad_personalization: preferences.marketing ? 'granted' : 'denied',
+  })
+  if (preferences.marketing)
+    meta.consent.grant()
+  else
+    meta.consent.revoke()
   if (preferences.analytics)
     analyticsConsent.accept()
   if (preferences.marketing)
@@ -72,7 +85,7 @@ function savePreferences() {
           Granular Consent Example
         </h1>
         <p class="text-gray-600 dark:text-gray-400 mb-8">
-          This example shows per-category consent with separate triggers for analytics, marketing, and functional scripts.
+          Per-category consent wired explicitly: each script has its own trigger gate and its own vendor-native <code>consent</code> API for runtime updates.
         </p>
 
         <div class="space-y-4">
@@ -108,7 +121,7 @@ function savePreferences() {
               </div>
             </template>
             <p class="text-sm text-gray-600 dark:text-gray-400">
-              Status: {{ preferences.functional ? 'Consented' : 'Pending consent' }}
+              Status: {{ functionalConsent.consented.value ? 'Consented' : 'Pending consent' }}
             </p>
           </UCard>
         </div>
diff --git a/packages/script/src/registry-types.json b/packages/script/src/registry-types.json
index e1692b2f..0bf64333 100644
--- a/packages/script/src/registry-types.json
+++ b/packages/script/src/registry-types.json
@@ -4,7 +4,7 @@
       {
         "name": "BingUetOptions",
         "kind": "const",
-        "code": "export const BingUetOptions = object({\n  /**\n   * Your Bing UET tag ID.\n   * @see https://help.ads.microsoft.com/#apex/ads/en/56682/2-500\n   */\n  id: string(),\n  /**\n   * Enable automatic SPA page tracking.\n   * @default true\n   */\n  enableAutoSpaTracking: optional(boolean()),\n})"
+        "code": "export const BingUetOptions = object({\n  /**\n   * Your Bing UET tag ID.\n   * @see https://help.ads.microsoft.com/#apex/ads/en/56682/2-500\n   */\n  id: string(),\n  /**\n   * Enable automatic SPA page tracking.\n   * @default true\n   */\n  enableAutoSpaTracking: optional(boolean()),\n  /**\n   * Default consent state fired as `uetq.push('consent', 'default', ...)` before UET init.\n   * @see https://help.ads.microsoft.com/#apex/ads/en/60119/1-500\n   */\n  defaultConsent: optional(object({\n    ad_storage: optional(consentCategoryValue),\n  })),\n})"
       },
       {
         "name": "BingUetConsentStatus",
@@ -65,6 +65,11 @@
         "name": "BingUetApi",
         "kind": "interface",
         "code": "export interface BingUetApi {\n  uetq: BingUetQueue\n}"
+      },
+      {
+        "name": "BingUetConsent",
+        "kind": "interface",
+        "code": "export interface BingUetConsent {\n  /** Push `['consent','update', state]` with the `ad_storage` signal. */\n  update: (state: BingUetConsentOptions) => void\n}"
       }
     ],
     "bluesky-embed": [
@@ -93,7 +98,7 @@
       {
         "name": "ClarityOptions",
         "kind": "const",
-        "code": "export const ClarityOptions = object({\n  /**\n   * The Clarity token.\n   * @see https://learn.microsoft.com/en-us/clarity/setup-clarity\n   */\n  id: pipe(string(), minLength(10)),\n})"
+        "code": "export const ClarityOptions = object({\n  /**\n   * The Clarity token.\n   * @see https://learn.microsoft.com/en-us/clarity/setup-clarity\n   */\n  id: pipe(string(), minLength(10)),\n  /**\n   * Default consent state applied before Clarity starts.\n   * - `boolean` - enable / disable cookies.\n   * - `Record<string, string>` - advanced consent vector (see Clarity docs).\n   * @see https://learn.microsoft.com/en-us/clarity/setup-and-installation/cookie-consent\n   */\n  defaultConsent: optional(union([boolean(), record(string(), string())])),\n})"
       },
       {
         "name": "ClarityFunctions",
@@ -104,6 +109,11 @@
         "name": "ClarityApi",
         "kind": "interface",
         "code": "export interface ClarityApi {\n  clarity: ClarityFunctions & {\n    q: any[]\n    v: string\n  }\n}"
+      },
+      {
+        "name": "ClarityConsent",
+        "kind": "interface",
+        "code": "export interface ClarityConsent {\n  /** Call `clarity('consent', value)` with either a boolean (default) or Clarity's advanced vector. */\n  set: (value: boolean | Record<string, string>) => void\n}"
       }
     ],
     "cloudflare-web-analytics": [
@@ -250,7 +260,12 @@
       {
         "name": "GoogleAnalyticsOptions",
         "kind": "const",
-        "code": "export const GoogleAnalyticsOptions = object({\n  /**\n   * The GA4 measurement ID.\n   * @example 'G-XXXXXXXX'\n   * @see https://developers.google.com/analytics/devguides/collection/gtagjs\n   */\n  id: optional(string()),\n  /**\n   * Global name for the dataLayer variable.\n   * @default 'dataLayer'\n   * @see https://developers.google.com/analytics/devguides/collection/gtagjs/setting-up-gtag#rename_the_data_layer\n   */\n  l: optional(string()),\n})"
+        "code": "export const GoogleAnalyticsOptions = object({\n  /**\n   * The GA4 measurement ID.\n   * @example 'G-XXXXXXXX'\n   * @see https://developers.google.com/analytics/devguides/collection/gtagjs\n   */\n  id: optional(string()),\n  /**\n   * Global name for the dataLayer variable.\n   * @default 'dataLayer'\n   * @see https://developers.google.com/analytics/devguides/collection/gtagjs/setting-up-gtag#rename_the_data_layer\n   */\n  l: optional(string()),\n  /**\n   * Default GCMv2 consent state fired as `gtag('consent', 'default', ...)` before `gtag('js', ...)`.\n   * @see https://developers.google.com/tag-platform/security/guides/consent\n   */\n  defaultConsent: optional(gcmConsentState),\n})"
+      },
+      {
+        "name": "GoogleAnalyticsConsent",
+        "kind": "interface",
+        "code": "export interface GoogleAnalyticsConsent {\n  /** Send `gtag('consent','update', state)` with GCMv2 partial state. */\n  update: (state: ConsentState) => void\n}"
       }
     ],
     "google-maps": [
@@ -484,6 +499,11 @@
         "name": "GoogleTagManagerOptions",
         "kind": "const",
         "code": "export const GoogleTagManagerOptions = object({\n  /**\n   * GTM container ID (format: GTM-XXXXXX)\n   * @see https://developers.google.com/tag-platform/tag-manager/web#install-the-container\n   */\n  id: string(),\n\n  /**\n   * Optional dataLayer variable name\n   * @default 'dataLayer'\n   * @see https://developers.google.com/tag-platform/tag-manager/web/datalayer#rename_the_data_layer\n   */\n  l: optional(string()),\n\n  /**\n   * Authentication token for environment-specific container versions\n   * @see https://support.google.com/tagmanager/answer/6328337\n   */\n  auth: optional(string()),\n\n  /**\n   * Preview environment name\n   * @see https://support.google.com/tagmanager/answer/6328337\n   */\n  preview: optional(string()),\n\n  /** Forces GTM cookies to take precedence when true */\n  cookiesWin: optional(union([boolean(), literal('x')])),\n\n  /**\n   * Enables debug mode when true\n   * @see https://support.google.com/tagmanager/answer/6107056\n   */\n  debug: optional(union([boolean(), literal('x')])),\n\n  /**\n   * No Personal Advertising - disables advertising features when true\n   * @see https://developers.google.com/tag-platform/tag-manager/templates/consent-apis\n   */\n  npa: optional(union([boolean(), literal('1')])),\n\n  /** Custom dataLayer name (alternative to \"l\" property) */\n  dataLayer: optional(string()),\n\n  /**\n   * Environment name for environment-specific container\n   * @see https://support.google.com/tagmanager/answer/6328337\n   */\n  envName: optional(string()),\n\n  /** Referrer policy for analytics requests */\n  authReferrerPolicy: optional(string()),\n\n  /**\n   * Default consent settings for GTM\n   * @see https://developers.google.com/tag-platform/tag-manager/templates/consent-apis\n   */\n  defaultConsent: optional(record(string(), union([string(), number()]))),\n})"
+      },
+      {
+        "name": "GoogleTagManagerConsent",
+        "kind": "interface",
+        "code": "export interface GoogleTagManagerConsent {\n  /** Push `['consent','update', state]` onto dataLayer with GCMv2 partial state. */\n  update: (state: ConsentState) => void\n}"
       }
     ],
     "gravatar": [
@@ -585,12 +605,17 @@
       {
         "name": "MatomoAnalyticsOptions",
         "kind": "const",
-        "code": "export const MatomoAnalyticsOptions = object({\n  /**\n   * The URL of your self-hosted Matomo instance.\n   * Either `matomoUrl` or `cloudId` is required.\n   * @example 'https://matomo.example.com'\n   * @see https://developer.matomo.org/guides/tracking-javascript-guide\n   */\n  matomoUrl: optional(string()),\n  /**\n   * Your Matomo site ID.\n   * @default '1'\n   */\n  siteId: optional(union([string(), number()])),\n  /**\n   * Your Matomo Cloud ID (the subdomain portion of your `*.matomo.cloud` URL).\n   * Either `matomoUrl` or `cloudId` is required.\n   * @example 'mysite.matomo.cloud'\n   */\n  cloudId: optional(string()),\n  /**\n   * A custom tracker URL. Overrides the default tracker endpoint derived from `matomoUrl` or `cloudId`.\n   */\n  trackerUrl: optional(string()),\n  /**\n   * Whether to track the initial page view on load.\n   * @deprecated Use `watch: true` (default) for automatic page view tracking.\n   */\n  trackPageView: optional(boolean()),\n  /**\n   * Enable download and outlink tracking.\n   */\n  enableLinkTracking: optional(boolean()),\n  /**\n   * Disable all tracking cookies for cookieless analytics.\n   */\n  disableCookies: optional(boolean()),\n  /**\n   * Automatically track page views on route change.\n   * @default true\n   */\n  watch: optional(boolean()),\n})"
+        "code": "export const MatomoAnalyticsOptions = object({\n  /**\n   * The URL of your self-hosted Matomo instance.\n   * Either `matomoUrl` or `cloudId` is required.\n   * @example 'https://matomo.example.com'\n   * @see https://developer.matomo.org/guides/tracking-javascript-guide\n   */\n  matomoUrl: optional(string()),\n  /**\n   * Your Matomo site ID.\n   * @default '1'\n   */\n  siteId: optional(union([string(), number()])),\n  /**\n   * Your Matomo Cloud ID (the subdomain portion of your `*.matomo.cloud` URL).\n   * Either `matomoUrl` or `cloudId` is required.\n   * @example 'mysite.matomo.cloud'\n   */\n  cloudId: optional(string()),\n  /**\n   * A custom tracker URL. Overrides the default tracker endpoint derived from `matomoUrl` or `cloudId`.\n   */\n  trackerUrl: optional(string()),\n  /**\n   * Whether to track the initial page view on load.\n   * @deprecated Use `watch: true` (default) for automatic page view tracking.\n   */\n  trackPageView: optional(boolean()),\n  /**\n   * Enable download and outlink tracking.\n   */\n  enableLinkTracking: optional(boolean()),\n  /**\n   * Disable all tracking cookies for cookieless analytics.\n   */\n  disableCookies: optional(boolean()),\n  /**\n   * Automatically track page views on route change.\n   * @default true\n   */\n  watch: optional(boolean()),\n  /**\n   * Default tracking-consent state applied BEFORE the tracker is initialised.\n   * - `'required'` — call `requireConsent` without granting (user must opt in later).\n   * - `'given'` — call `requireConsent` then `setConsentGiven`.\n   * - `'not-required'` — no consent gating (default Matomo behaviour).\n   * @see https://developer.matomo.org/guides/tracking-consent\n   */\n  defaultConsent: optional(union([literal('required'), literal('given'), literal('not-required')])),\n})"
       },
       {
         "name": "MatomoAnalyticsApi",
         "kind": "interface",
-        "code": "interface MatomoAnalyticsApi {\n  _paq: unknown[]\n}"
+        "code": "export interface MatomoAnalyticsApi {\n  _paq: unknown[]\n}"
+      },
+      {
+        "name": "MatomoConsent",
+        "kind": "interface",
+        "code": "export interface MatomoConsent {\n  /** Push `setConsentGiven`. Requires `defaultConsent: 'required' | 'given'` at registration to have an effect. */\n  give: () => void\n  /** Push `forgetConsentGiven`. Requires `defaultConsent: 'required' | 'given'` at registration to have an effect. */\n  forget: () => void\n}"
       }
     ],
     "meta-pixel": [
@@ -627,19 +652,29 @@
       {
         "name": "MetaPixelOptions",
         "kind": "const",
-        "code": "export const MetaPixelOptions = object({\n  /**\n   * Your Meta (Facebook) Pixel ID.\n   * @see https://developers.facebook.com/docs/meta-pixel/get-started\n   */\n  id: union([string(), number()]),\n})"
+        "code": "export const MetaPixelOptions = object({\n  /**\n   * Your Meta (Facebook) Pixel ID.\n   * @see https://developers.facebook.com/docs/meta-pixel/get-started\n   */\n  id: union([string(), number()]),\n  /**\n   * Default consent state. `'granted'` fires `fbq('consent', 'grant')`,\n   * `'denied'` fires `fbq('consent', 'revoke')`, both called before `fbq('init', id)`.\n   * @see https://www.facebook.com/business/help/1151321516677370\n   */\n  defaultConsent: optional(union([literal('granted'), literal('denied')])),\n})"
+      },
+      {
+        "name": "MetaPixelConsent",
+        "kind": "interface",
+        "code": "export interface MetaPixelConsent {\n  /** Call `fbq('consent','grant')`. */\n  grant: () => void\n  /** Call `fbq('consent','revoke')`. */\n  revoke: () => void\n}"
       }
     ],
     "mixpanel-analytics": [
       {
         "name": "MixpanelAnalyticsOptions",
         "kind": "const",
-        "code": "export const MixpanelAnalyticsOptions = object({\n  /**\n   * Your Mixpanel project token.\n   * @see https://docs.mixpanel.com/docs/tracking-methods/sdks/javascript#1-initialize-the-library\n   */\n  token: string(),\n})"
+        "code": "export const MixpanelAnalyticsOptions = object({\n  /**\n   * Your Mixpanel project token.\n   * @see https://docs.mixpanel.com/docs/tracking-methods/sdks/javascript#1-initialize-the-library\n   */\n  token: string(),\n  /**\n   * Default tracking-consent state for Mixpanel.\n   * - `'opt-out'`: passed as `opt_out_tracking_by_default: true` to `mixpanel.init`, so tracking is suppressed from the first call.\n   * - `'opt-in'`: queued via `mixpanel.push(['opt_in_tracking'])` so the real SDK runs it immediately after load.\n   * @see https://docs.mixpanel.com/docs/privacy/opt-out-of-tracking\n   */\n  defaultConsent: optional(union([literal('opt-in'), literal('opt-out')])),\n})"
       },
       {
         "name": "MixpanelAnalyticsApi",
         "kind": "interface",
-        "code": "export interface MixpanelAnalyticsApi {\n  mixpanel: {\n    track: (event: string, properties?: Record<string, any>) => void\n    identify: (distinctId: string) => void\n    reset: () => void\n    people: {\n      set: (properties: Record<string, any>) => void\n    }\n    register: (properties: Record<string, any>) => void\n    init: (token: string, config?: Record<string, any>) => void\n  }\n}"
+        "code": "export interface MixpanelAnalyticsApi {\n  mixpanel: {\n    track: (event: string, properties?: Record<string, any>) => void\n    identify: (distinctId: string) => void\n    reset: () => void\n    people: {\n      set: (properties: Record<string, any>) => void\n    }\n    register: (properties: Record<string, any>) => void\n    init: (token: string, config?: Record<string, any>) => void\n    /** Opt the user in to tracking. Available after the real SDK loads. */\n    opt_in_tracking?: () => void\n    /** Opt the user out of tracking. Available after the real SDK loads. */\n    opt_out_tracking?: () => void\n  }\n}"
+      },
+      {
+        "name": "MixpanelConsent",
+        "kind": "interface",
+        "code": "export interface MixpanelConsent {\n  /** Call `mixpanel.opt_in_tracking()`. */\n  optIn: () => void\n  /** Call `mixpanel.opt_out_tracking()`. For boot-time opt-out, use `defaultConsent: 'opt-out'` instead. */\n  optOut: () => void\n}"
       }
     ],
     "npm": [
@@ -722,12 +757,17 @@
       {
         "name": "PostHogOptions",
         "kind": "const",
-        "code": "export const PostHogOptions = object({\n  /**\n   * Your PostHog project API key.\n   * @see https://posthog.com/docs/libraries/js#usage\n   */\n  apiKey: string(),\n  /**\n   * Your PostHog data region.\n   * @default 'us'\n   * @see https://posthog.com/docs/libraries/js#config\n   */\n  region: optional(union([literal('us'), literal('eu')])),\n  /**\n   * Custom API host URL. Overrides the default derived from `region`.\n   * Useful for self-hosted instances or reverse proxies.\n   */\n  apiHost: optional(string()),\n  /**\n   * Enable autocapture of clicks, form submissions, and page views.\n   * @default true\n   */\n  autocapture: optional(boolean()),\n  /**\n   * Capture page views automatically. Set to `'history_change'` to only capture on history changes.\n   * @default true\n   */\n  capturePageview: optional(union([boolean(), literal('history_change')])),\n  /**\n   * Capture page leave events automatically.\n   * @default true\n   */\n  capturePageleave: optional(boolean()),\n  /**\n   * Disable session recording.\n   */\n  disableSessionRecording: optional(boolean()),\n  /**\n   * Additional PostHog configuration options passed directly to `posthog.init()`.\n   * @see https://posthog.com/docs/libraries/js#config\n   */\n  config: optional(record(string(), any())),\n})"
+        "code": "export const PostHogOptions = object({\n  /**\n   * Your PostHog project API key.\n   * @see https://posthog.com/docs/libraries/js#usage\n   */\n  apiKey: string(),\n  /**\n   * Your PostHog data region.\n   * @default 'us'\n   * @see https://posthog.com/docs/libraries/js#config\n   */\n  region: optional(union([literal('us'), literal('eu')])),\n  /**\n   * Custom API host URL. Overrides the default derived from `region`.\n   * Useful for self-hosted instances or reverse proxies.\n   */\n  apiHost: optional(string()),\n  /**\n   * Enable autocapture of clicks, form submissions, and page views.\n   * @default true\n   */\n  autocapture: optional(boolean()),\n  /**\n   * Capture page views automatically. Set to `'history_change'` to only capture on history changes.\n   * @default true\n   */\n  capturePageview: optional(union([boolean(), literal('history_change')])),\n  /**\n   * Capture page leave events automatically.\n   * @default true\n   */\n  capturePageleave: optional(boolean()),\n  /**\n   * Disable session recording.\n   */\n  disableSessionRecording: optional(boolean()),\n  /**\n   * Additional PostHog configuration options passed directly to `posthog.init()`.\n   * @see https://posthog.com/docs/libraries/js#config\n   */\n  config: optional(record(string(), any())),\n  /**\n   * Default capture-consent state for PostHog.\n   * - `'opt-out'`: passed as `opt_out_capturing_by_default: true` to `posthog.init`, so capturing is suppressed from the first event.\n   * - `'opt-in'`: applied after `posthog.init` via `posthog.opt_in_capturing()` on the returned instance.\n   * @see https://posthog.com/docs/privacy/opting-out\n   */\n  defaultConsent: optional(union([literal('opt-in'), literal('opt-out')])),\n})"
       },
       {
         "name": "PostHogApi",
         "kind": "interface",
         "code": "export interface PostHogApi {\n  posthog: PostHog\n}"
+      },
+      {
+        "name": "PostHogConsent",
+        "kind": "interface",
+        "code": "export interface PostHogConsent {\n  /** Call `posthog.opt_in_capturing()`. */\n  optIn: () => void\n  /** Call `posthog.opt_out_capturing()`. For boot-time opt-out, use `defaultConsent: 'opt-out'` instead. */\n  optOut: () => void\n}"
       }
     ],
     "reddit-pixel": [
@@ -874,12 +914,17 @@
       {
         "name": "TikTokPixelApi",
         "kind": "interface",
-        "code": "export interface TikTokPixelApi {\n  ttq: TtqFns & {\n    push: TtqFns\n    loaded: boolean\n    queue: any[]\n  }\n}"
+        "code": "export interface TikTokPixelApi {\n  ttq: TtqFns & {\n    push: TtqFns\n    loaded: boolean\n    queue: any[]\n    /** Opt user in to tracking. Available after the script loads. */\n    grantConsent: () => void\n    /** Opt user out of tracking. Available after the script loads. */\n    revokeConsent: () => void\n    /** Defer consent until an explicit grant/revoke. Available after the script loads. */\n    holdConsent: () => void\n  }\n}"
       },
       {
         "name": "TikTokPixelOptions",
         "kind": "const",
-        "code": "export const TikTokPixelOptions = object({\n  /**\n   * Your TikTok Pixel ID.\n   * @see https://ads.tiktok.com/help/article/get-started-pixel\n   */\n  id: string(),\n  /**\n   * Whether to automatically track a page view on initialization.\n   * @default true\n   */\n  trackPageView: optional(boolean()),\n})"
+        "code": "export const TikTokPixelOptions = object({\n  /**\n   * Your TikTok Pixel ID.\n   * @see https://ads.tiktok.com/help/article/get-started-pixel\n   */\n  id: string(),\n  /**\n   * Whether to automatically track a page view on initialization.\n   * @default true\n   */\n  trackPageView: optional(boolean()),\n  /**\n   * Default consent state, applied before `ttq('init', id)`.\n   * - `'granted'` fires `ttq.grantConsent()`\n   * - `'denied'` fires `ttq.revokeConsent()`\n   * - `'hold'` fires `ttq.holdConsent()` to defer until an explicit update\n   * @see https://business-api.tiktok.com/portal/docs?id=1739585600931842\n   */\n  defaultConsent: optional(union([literal('granted'), literal('denied'), literal('hold')])),\n})"
+      },
+      {
+        "name": "TikTokPixelConsent",
+        "kind": "interface",
+        "code": "export interface TikTokPixelConsent {\n  /** Call `ttq.grantConsent()`. */\n  grant: () => void\n  /** Call `ttq.revokeConsent()`. */\n  revoke: () => void\n  /** Call `ttq.holdConsent()` to defer the decision. */\n  hold: () => void\n}"
       }
     ],
     "umami-analytics": [
@@ -1066,6 +1111,12 @@
         "type": "string",
         "required": true,
         "description": "The Clarity token."
+      },
+      {
+        "name": "defaultConsent",
+        "type": "boolean | Record<string, string>",
+        "required": false,
+        "description": "Default consent state applied before Clarity starts. - `boolean` - enable / disable cookies. - `Record<string, string>` - advanced consent vector (see Clarity docs)."
       }
     ],
     "CloudflareWebAnalyticsOptions": [
@@ -1384,6 +1435,12 @@
         "required": false,
         "description": "Global name for the dataLayer variable.",
         "defaultValue": "'dataLayer'"
+      },
+      {
+        "name": "defaultConsent",
+        "type": "unknown",
+        "required": false,
+        "description": "Default GCMv2 consent state fired as `gtag('consent', 'default', ...)` before `gtag('js', ...)`."
       }
     ],
     "GoogleMapsOptions": [
@@ -1715,6 +1772,12 @@
         "required": false,
         "description": "Automatically track page views on route change.",
         "defaultValue": "true"
+      },
+      {
+        "name": "defaultConsent",
+        "type": "'required' | 'given' | 'not-required'",
+        "required": false,
+        "description": "Default tracking-consent state applied BEFORE the tracker is initialised. - `'required'` — call `requireConsent` without granting (user must opt in later). - `'given'` — call `requireConsent` then `setConsentGiven`. - `'not-required'` — no consent gating (default Matomo behaviour)."
       }
     ],
     "MetaPixelOptions": [
@@ -1723,6 +1786,12 @@
         "type": "string | number",
         "required": true,
         "description": "Your Meta (Facebook) Pixel ID."
+      },
+      {
+        "name": "defaultConsent",
+        "type": "'granted' | 'denied'",
+        "required": false,
+        "description": "Default consent state. `'granted'` fires `fbq('consent', 'grant')`, `'denied'` fires `fbq('consent', 'revoke')`, both called before `fbq('init', id)`."
       }
     ],
     "NpmOptions": [
@@ -1805,6 +1874,12 @@
         "type": "Record<string, any>",
         "required": false,
         "description": "Additional PostHog configuration options passed directly to `posthog.init()`."
+      },
+      {
+        "name": "defaultConsent",
+        "type": "'opt-in' | 'opt-out'",
+        "required": false,
+        "description": "Default capture-consent state for PostHog. - `'opt-out'`: passed as `opt_out_capturing_by_default: true` to `posthog.init`, so capturing is suppressed from the first event. - `'opt-in'`: applied after `posthog.init` via `posthog.opt_in_capturing()` on the returned instance."
       }
     ],
     "RedditPixelOptions": [
@@ -1903,6 +1978,12 @@
         "type": "string",
         "required": true,
         "description": "Your Mixpanel project token."
+      },
+      {
+        "name": "defaultConsent",
+        "type": "'opt-in' | 'opt-out'",
+        "required": false,
+        "description": "Default tracking-consent state for Mixpanel. - `'opt-out'`: passed as `opt_out_tracking_by_default: true` to `mixpanel.init`, so tracking is suppressed from the first call. - `'opt-in'`: queued via `mixpanel.push(['opt_in_tracking'])` so the real SDK runs it immediately after load."
       }
     ],
     "BingUetOptions": [
@@ -1918,6 +1999,12 @@
         "required": false,
         "description": "Enable automatic SPA page tracking.",
         "defaultValue": "true"
+      },
+      {
+        "name": "defaultConsent",
+        "type": "object",
+        "required": false,
+        "description": "Default consent state fired as `uetq.push('consent', 'default', ...)` before UET init."
       }
     ],
     "SegmentOptions": [
@@ -2045,6 +2132,12 @@
         "required": false,
         "description": "Whether to automatically track a page view on initialization.",
         "defaultValue": "true"
+      },
+      {
+        "name": "defaultConsent",
+        "type": "'granted' | 'denied' | 'hold'",
+        "required": false,
+        "description": "Default consent state, applied before `ttq('init', id)`. - `'granted'` fires `ttq.grantConsent()` - `'denied'` fires `ttq.revokeConsent()` - `'hold'` fires `ttq.holdConsent()` to defer until an explicit update"
       }
     ],
     "UmamiAnalyticsOptions": [
diff --git a/packages/script/src/registry.ts b/packages/script/src/registry.ts
index 0f935281..7168deb1 100644
--- a/packages/script/src/registry.ts
+++ b/packages/script/src/registry.ts
@@ -413,7 +413,7 @@ export async function registry(resolve?: (path: string) => Promise<string>): Pro
           return 'https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js'
         },
       },
-      partytown: { forwards: ['mixpanel', 'mixpanel.init', 'mixpanel.track', 'mixpanel.identify', 'mixpanel.people.set', 'mixpanel.reset', 'mixpanel.register'] },
+      partytown: { forwards: ['mixpanel', 'mixpanel.init', 'mixpanel.track', 'mixpanel.identify', 'mixpanel.people.set', 'mixpanel.reset', 'mixpanel.register', 'mixpanel.opt_in_tracking', 'mixpanel.opt_out_tracking'] },
     }),
     // ad
     def('bingUet', {
@@ -468,7 +468,7 @@ export async function registry(resolve?: (path: string) => Promise<string>): Pro
         domains: ['analytics.tiktok.com', 'mon.tiktok.com', 'mcs.tiktok.com'],
         privacy: PRIVACY_FULL,
       },
-      partytown: { forwards: ['ttq.track', 'ttq.page', 'ttq.identify'] },
+      partytown: { forwards: ['ttq.track', 'ttq.page', 'ttq.identify', 'ttq.grantConsent', 'ttq.revokeConsent', 'ttq.holdConsent'] },
     }),
     def('snapchatPixel', {
       schema: SnapTrPixelOptions,
@@ -570,7 +570,7 @@ export async function registry(resolve?: (path: string) => Promise<string>): Pro
         domains: ['www.clarity.ms', 'scripts.clarity.ms', 'd.clarity.ms', 'e.clarity.ms', 'k.clarity.ms', 'c.clarity.ms', 'a.clarity.ms', 'b.clarity.ms'],
         privacy: PRIVACY_HEATMAP,
       },
-      partytown: { forwards: [] },
+      partytown: { forwards: ['clarity'] },
     }),
     // payments
     def('stripe', {
diff --git a/packages/script/src/runtime/registry/bing-uet.ts b/packages/script/src/runtime/registry/bing-uet.ts
index 9c4920eb..6909a18a 100644
--- a/packages/script/src/runtime/registry/bing-uet.ts
+++ b/packages/script/src/runtime/registry/bing-uet.ts
@@ -1,4 +1,4 @@
-import type { RegistryScriptInput } from '#nuxt-scripts/types'
+import type { RegistryScriptInput, UseScriptContext } from '#nuxt-scripts/types'
 import { useRegistryScript } from '../utils'
 import { BingUetOptions } from './schemas'
 
@@ -244,8 +244,13 @@ declare global {
   }
 }
 
-export function useScriptBingUet<T extends BingUetApi>(_options?: BingUetInput & { onBeforeUetStart?: (uetq: BingUetQueue) => void }) {
-  return useRegistryScript<T, typeof BingUetOptions>('bingUet', options => ({
+export interface BingUetConsent {
+  /** Push `['consent','update', state]` with the `ad_storage` signal. */
+  update: (state: BingUetConsentOptions) => void
+}
+
+export function useScriptBingUet<T extends BingUetApi>(_options?: BingUetInput & { onBeforeUetStart?: (uetq: BingUetQueue) => void }): UseScriptContext<T, BingUetConsent> {
+  const instance = useRegistryScript<T, typeof BingUetOptions>('bingUet', options => ({
     scriptInput: {
       src: 'https://bat.bing.com/bat.js',
       crossorigin: false,
@@ -271,7 +276,19 @@ export function useScriptBingUet<T extends BingUetApi>(_options?: BingUetInput &
       : () => {
           const uetq = window.uetq || []
           window.uetq = uetq
+          if (options?.defaultConsent) {
+            (uetq as unknown as BingUetQueue).push('consent', 'default', options.defaultConsent)
+          }
           _options?.onBeforeUetStart?.(uetq as unknown as BingUetQueue)
         },
-  }), _options)
+  }), _options) as UseScriptContext<T, BingUetConsent>
+
+  if (import.meta.client && !instance.consent) {
+    instance.consent = {
+      update: (state: BingUetConsentOptions) => {
+        ;((instance.proxy as unknown as BingUetApi).uetq as any).push('consent', 'update', state)
+      },
+    }
+  }
+  return instance
 }
diff --git a/packages/script/src/runtime/registry/clarity.ts b/packages/script/src/runtime/registry/clarity.ts
index 6f6e0e03..6f9d058e 100644
--- a/packages/script/src/runtime/registry/clarity.ts
+++ b/packages/script/src/runtime/registry/clarity.ts
@@ -1,4 +1,4 @@
-import type { RegistryScriptInput } from '#nuxt-scripts/types'
+import type { RegistryScriptInput, UseScriptContext } from '#nuxt-scripts/types'
 import { useRegistryScript } from '../utils'
 import { ClarityOptions } from './schemas'
 
@@ -30,10 +30,15 @@ declare global {
 
 export type ClarityInput = RegistryScriptInput<typeof ClarityOptions>
 
+export interface ClarityConsent {
+  /** Call `clarity('consent', value)` with either a boolean (default) or Clarity's advanced vector. */
+  set: (value: boolean | Record<string, string>) => void
+}
+
 export function useScriptClarity<T extends ClarityApi>(
   _options?: ClarityInput,
-) {
-  return useRegistryScript<T, typeof ClarityOptions>('clarity', options => ({
+): UseScriptContext<T, ClarityConsent> {
+  const instance = useRegistryScript<T, typeof ClarityOptions>('clarity', options => ({
     scriptInput: {
       src: `https://www.clarity.ms/tag/${options.id}`,
     },
@@ -56,6 +61,17 @@ export function useScriptClarity<T extends ClarityApi>(
           window.clarity = window.clarity || function (...params: any[]) {
             (window.clarity.q = window.clarity.q || []).push(params)
           }
+          if (options?.defaultConsent !== undefined)
+            window.clarity('consent', options.defaultConsent)
         },
-  }), _options)
+  }), _options) as UseScriptContext<T, ClarityConsent>
+
+  if (import.meta.client && !instance.consent) {
+    instance.consent = {
+      set: (value: boolean | Record<string, string>) => {
+        ;(instance.proxy as unknown as ClarityApi).clarity('consent', value)
+      },
+    }
+  }
+  return instance
 }
diff --git a/packages/script/src/runtime/registry/google-analytics.ts b/packages/script/src/runtime/registry/google-analytics.ts
index 5f76c4f7..3edd1044 100644
--- a/packages/script/src/runtime/registry/google-analytics.ts
+++ b/packages/script/src/runtime/registry/google-analytics.ts
@@ -1,4 +1,4 @@
-import type { RegistryScriptInput } from '#nuxt-scripts/types'
+import type { ConsentState, RegistryScriptInput, UseScriptContext } from '#nuxt-scripts/types'
 import { useRegistryScript } from '#nuxt-scripts/utils'
 import { withQuery } from 'ufo'
 import { GoogleAnalyticsOptions } from './schemas'
@@ -111,8 +111,13 @@ export { GoogleAnalyticsOptions }
 
 export type GoogleAnalyticsInput = RegistryScriptInput<typeof GoogleAnalyticsOptions>
 
-export function useScriptGoogleAnalytics<T extends GoogleAnalyticsApi>(_options?: GoogleAnalyticsInput & { onBeforeGtagStart?: (gtag: GTag) => void }) {
-  return useRegistryScript<T, typeof GoogleAnalyticsOptions>(_options?.key || 'googleAnalytics', (options) => {
+export interface GoogleAnalyticsConsent {
+  /** Send `gtag('consent','update', state)` with GCMv2 partial state. */
+  update: (state: ConsentState) => void
+}
+
+export function useScriptGoogleAnalytics<T extends GoogleAnalyticsApi>(_options?: GoogleAnalyticsInput & { onBeforeGtagStart?: (gtag: GTag) => void }): UseScriptContext<T, GoogleAnalyticsConsent> {
+  const instance = useRegistryScript<T, typeof GoogleAnalyticsOptions>(_options?.key || 'googleAnalytics', (options) => {
     const dataLayerName = options?.l ?? 'dataLayer'
     const w = import.meta.client ? window as any : {}
     return {
@@ -136,6 +141,8 @@ export function useScriptGoogleAnalytics<T extends GoogleAnalyticsApi>(_options?
               // eslint-disable-next-line prefer-rest-params
               w[dataLayerName].push(arguments)
             }
+            if (options?.defaultConsent)
+              w.gtag('consent', 'default', options.defaultConsent)
             // eslint-disable-next-line ts/ban-ts-comment
             // @ts-ignore
             _options?.onBeforeGtagStart?.(w.gtag)
@@ -145,5 +152,14 @@ export function useScriptGoogleAnalytics<T extends GoogleAnalyticsApi>(_options?
             }
           },
     }
-  }, _options)
+  }, _options) as UseScriptContext<T, GoogleAnalyticsConsent>
+
+  if (import.meta.client && !instance.consent) {
+    instance.consent = {
+      update: (state: ConsentState) => {
+        ;(instance.proxy as unknown as GoogleAnalyticsApi).gtag('consent', 'update', state as ConsentOptions)
+      },
+    }
+  }
+  return instance
 }
diff --git a/packages/script/src/runtime/registry/google-tag-manager.ts b/packages/script/src/runtime/registry/google-tag-manager.ts
index 376edb9e..515064d3 100644
--- a/packages/script/src/runtime/registry/google-tag-manager.ts
+++ b/packages/script/src/runtime/registry/google-tag-manager.ts
@@ -1,4 +1,4 @@
-import type { NuxtUseScriptOptions, RegistryScriptInput, UseFunctionType, UseScriptContext } from '#nuxt-scripts/types'
+import type { ConsentState, NuxtUseScriptOptions, RegistryScriptInput, UseFunctionType, UseScriptContext } from '#nuxt-scripts/types'
 import type { GTag } from './google-analytics'
 import { useRegistryScript } from '#nuxt-scripts/utils'
 import { withQuery } from 'ufo'
@@ -80,6 +80,11 @@ export { GoogleTagManagerOptions }
 
 export type GoogleTagManagerInput = RegistryScriptInput<typeof GoogleTagManagerOptions>
 
+export interface GoogleTagManagerConsent {
+  /** Push `['consent','update', state]` onto dataLayer with GCMv2 partial state. */
+  update: (state: ConsentState) => void
+}
+
 /**
  * Hook to use Google Tag Manager in Nuxt applications
  */
@@ -91,7 +96,7 @@ export function useScriptGoogleTagManager<T extends GoogleTagManagerApi>(
      */
     onBeforeGtmStart?: (gtag: DataLayerPush) => void
   },
-): UseScriptContext<UseFunctionType<NuxtUseScriptOptions<T>, T>> {
+): UseScriptContext<UseFunctionType<NuxtUseScriptOptions<T>, T>, GoogleTagManagerConsent> {
   const instance = useRegistryScript<T, typeof GoogleTagManagerOptions>(
     options?.key || 'googleTagManager',
     (opts) => {
@@ -160,5 +165,13 @@ export function useScriptGoogleTagManager<T extends GoogleTagManagerApi>(
       options.onBeforeGtmStart(gtag)
   }
 
-  return instance
+  const typed = instance as UseScriptContext<UseFunctionType<NuxtUseScriptOptions<T>, T>, GoogleTagManagerConsent>
+  if (import.meta.client && !typed.consent) {
+    typed.consent = {
+      update: (state: ConsentState) => {
+        ;((typed.proxy as unknown as GoogleTagManagerApi).dataLayer as any).push(['consent', 'update', state])
+      },
+    }
+  }
+  return typed
 }
diff --git a/packages/script/src/runtime/registry/matomo-analytics.ts b/packages/script/src/runtime/registry/matomo-analytics.ts
index b285008c..900927ae 100644
--- a/packages/script/src/runtime/registry/matomo-analytics.ts
+++ b/packages/script/src/runtime/registry/matomo-analytics.ts
@@ -1,4 +1,4 @@
-import type { RegistryScriptInput } from '#nuxt-scripts/types'
+import type { RegistryScriptInput, UseScriptContext } from '#nuxt-scripts/types'
 import { withBase, withHttps, withoutProtocol, withoutTrailingSlash } from 'ufo'
 import { useScriptEventPage } from '../composables/useScriptEventPage'
 import { logger } from '../logger'
@@ -9,7 +9,7 @@ export { MatomoAnalyticsOptions }
 
 export type MatomoAnalyticsInput = RegistryScriptInput<typeof MatomoAnalyticsOptions, false, false>
 
-interface MatomoAnalyticsApi {
+export interface MatomoAnalyticsApi {
   _paq: unknown[]
 }
 
@@ -17,8 +17,15 @@ declare global {
   interface Window extends MatomoAnalyticsApi { }
 }
 
-export function useScriptMatomoAnalytics<T extends MatomoAnalyticsApi>(_options?: MatomoAnalyticsInput) {
-  return useRegistryScript<T, typeof MatomoAnalyticsOptions>('matomoAnalytics', (options) => {
+export interface MatomoConsent {
+  /** Push `setConsentGiven`. Requires `defaultConsent: 'required' | 'given'` at registration to have an effect. */
+  give: () => void
+  /** Push `forgetConsentGiven`. Requires `defaultConsent: 'required' | 'given'` at registration to have an effect. */
+  forget: () => void
+}
+
+export function useScriptMatomoAnalytics<T extends MatomoAnalyticsApi>(_options?: MatomoAnalyticsInput): UseScriptContext<T, MatomoConsent> {
+  const instance = useRegistryScript<T, typeof MatomoAnalyticsOptions>('matomoAnalytics', (options) => {
     const normalizedCloudId = options?.cloudId ? withoutTrailingSlash(withoutProtocol(options.cloudId)) : undefined
     const origin = options?.matomoUrl ? options.matomoUrl : `https://cdn.matomo.cloud/${normalizedCloudId}/`
     const _paq = import.meta.client ? (window._paq = window._paq || []) : []
@@ -49,6 +56,14 @@ export function useScriptMatomoAnalytics<T extends MatomoAnalyticsApi>(_options?
       clientInit: import.meta.server
         ? undefined
         : () => {
+            // Consent MUST be queued before any tracking call so Matomo honors it for the first page view.
+            if (options?.defaultConsent === 'required') {
+              _paq.push(['requireConsent'])
+            }
+            else if (options?.defaultConsent === 'given') {
+              _paq.push(['requireConsent'])
+              _paq.push(['setConsentGiven'])
+            }
             if (options?.enableLinkTracking) {
               _paq.push(['enableLinkTracking'])
             }
@@ -80,5 +95,28 @@ export function useScriptMatomoAnalytics<T extends MatomoAnalyticsApi>(_options?
             }
           },
     }
-  }, _options)
+  }, _options) as UseScriptContext<T, MatomoConsent>
+
+  if (import.meta.client && !instance.consent) {
+    const requiresConsent = _options?.defaultConsent === 'required' || _options?.defaultConsent === 'given'
+    const warnIfUnsafe = import.meta.dev
+      ? (method: string) => {
+          if (!requiresConsent) {
+            logger.warn(`matomo consent.${method}() is a no-op unless \`defaultConsent: 'required'\` or \`'given'\` is set at registration.`)
+          }
+        }
+      : () => {}
+    const paq = (instance.proxy as unknown as MatomoAnalyticsApi)._paq
+    instance.consent = {
+      give: () => {
+        warnIfUnsafe('give')
+        paq.push(['setConsentGiven'])
+      },
+      forget: () => {
+        warnIfUnsafe('forget')
+        paq.push(['forgetConsentGiven'])
+      },
+    }
+  }
+  return instance
 }
diff --git a/packages/script/src/runtime/registry/meta-pixel.ts b/packages/script/src/runtime/registry/meta-pixel.ts
index 96a298d5..404f89b0 100644
--- a/packages/script/src/runtime/registry/meta-pixel.ts
+++ b/packages/script/src/runtime/registry/meta-pixel.ts
@@ -1,4 +1,4 @@
-import type { RegistryScriptInput } from '#nuxt-scripts/types'
+import type { RegistryScriptInput, UseScriptContext } from '#nuxt-scripts/types'
 import { useRegistryScript } from '../utils'
 import { MetaPixelOptions } from './schemas'
 
@@ -50,8 +50,15 @@ declare global {
 export { MetaPixelOptions }
 export type MetaPixelInput = RegistryScriptInput<typeof MetaPixelOptions, true, false>
 
-export function useScriptMetaPixel<T extends MetaPixelApi>(_options?: MetaPixelInput) {
-  return useRegistryScript<T, typeof MetaPixelOptions>('metaPixel', options => ({
+export interface MetaPixelConsent {
+  /** Call `fbq('consent','grant')`. */
+  grant: () => void
+  /** Call `fbq('consent','revoke')`. */
+  revoke: () => void
+}
+
+export function useScriptMetaPixel<T extends MetaPixelApi>(_options?: MetaPixelInput): UseScriptContext<T, MetaPixelConsent> {
+  const instance = useRegistryScript<T, typeof MetaPixelOptions>('metaPixel', options => ({
     scriptInput: {
       src: 'https://connect.facebook.net/en_US/fbevents.js',
       crossorigin: false,
@@ -81,8 +88,18 @@ export function useScriptMetaPixel<T extends MetaPixelApi>(_options?: MetaPixelI
           fbq.loaded = true
           fbq.version = '2.0'
           fbq.queue = []
+          if (options?.defaultConsent)
+            fbq('consent', options.defaultConsent === 'granted' ? 'grant' : 'revoke')
           fbq('init', options?.id)
           fbq('track', 'PageView')
         },
-  }), _options)
+  }), _options) as UseScriptContext<T, MetaPixelConsent>
+
+  if (import.meta.client && !instance.consent) {
+    instance.consent = {
+      grant: () => (instance.proxy as unknown as MetaPixelApi).fbq('consent', 'grant'),
+      revoke: () => (instance.proxy as unknown as MetaPixelApi).fbq('consent', 'revoke'),
+    }
+  }
+  return instance
 }
diff --git a/packages/script/src/runtime/registry/mixpanel-analytics.ts b/packages/script/src/runtime/registry/mixpanel-analytics.ts
index c5be0858..3796a36a 100644
--- a/packages/script/src/runtime/registry/mixpanel-analytics.ts
+++ b/packages/script/src/runtime/registry/mixpanel-analytics.ts
@@ -1,4 +1,4 @@
-import type { RegistryScriptInput } from '#nuxt-scripts/types'
+import type { RegistryScriptInput, UseScriptContext } from '#nuxt-scripts/types'
 import { useRegistryScript } from '../utils'
 import { MixpanelAnalyticsOptions } from './schemas'
 
@@ -16,6 +16,10 @@ export interface MixpanelAnalyticsApi {
     }
     register: (properties: Record<string, any>) => void
     init: (token: string, config?: Record<string, any>) => void
+    /** Opt the user in to tracking. Available after the real SDK loads. */
+    opt_in_tracking?: () => void
+    /** Opt the user out of tracking. Available after the real SDK loads. */
+    opt_out_tracking?: () => void
   }
 }
 
@@ -25,11 +29,18 @@ declare global {
   }
 }
 
-const methods = ['track', 'identify', 'reset', 'register'] as const
+const methods = ['track', 'identify', 'reset', 'register', 'opt_in_tracking', 'opt_out_tracking'] as const
 const peopleMethods = ['set'] as const
 
-export function useScriptMixpanelAnalytics<T extends MixpanelAnalyticsApi>(_options?: MixpanelAnalyticsInput) {
-  return useRegistryScript<T, typeof MixpanelAnalyticsOptions>('mixpanelAnalytics', (options) => {
+export interface MixpanelConsent {
+  /** Call `mixpanel.opt_in_tracking()`. */
+  optIn: () => void
+  /** Call `mixpanel.opt_out_tracking()`. For boot-time opt-out, use `defaultConsent: 'opt-out'` instead. */
+  optOut: () => void
+}
+
+export function useScriptMixpanelAnalytics<T extends MixpanelAnalyticsApi>(_options?: MixpanelAnalyticsInput): UseScriptContext<T, MixpanelConsent> {
+  const instance = useRegistryScript<T, typeof MixpanelAnalyticsOptions>('mixpanelAnalytics', (options) => {
     return {
       scriptInput: {
         src: 'https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js',
@@ -67,9 +78,27 @@ export function useScriptMixpanelAnalytics<T extends MixpanelAnalyticsApi>(_opti
               }
             }
 
-            if (options?.token)
-              mp.init(options.token)
+            if (options?.token) {
+              // 'opt-out' is applied on init() via `opt_out_tracking_by_default`, so tracking
+              // is suppressed before the first call. 'opt-in' is queued on the `mp` stub with
+              // `opt_in_tracking`; the real SDK drains the queue on load and runs it early.
+              const optOutByDefault = options?.defaultConsent === 'opt-out'
+              mp.init(options.token, optOutByDefault ? { opt_out_tracking_by_default: true } : undefined)
+              if (options?.defaultConsent === 'opt-in') {
+                // After init, opt_in_tracking is wired on the stub (see methods array)
+                // so the real SDK drains it on load.
+                mp.opt_in_tracking?.()
+              }
+            }
           },
     }
-  }, _options)
+  }, _options) as UseScriptContext<T, MixpanelConsent>
+
+  if (import.meta.client && !instance.consent) {
+    instance.consent = {
+      optIn: () => (instance.proxy as unknown as MixpanelAnalyticsApi).mixpanel.opt_in_tracking?.(),
+      optOut: () => (instance.proxy as unknown as MixpanelAnalyticsApi).mixpanel.opt_out_tracking?.(),
+    }
+  }
+  return instance
 }
diff --git a/packages/script/src/runtime/registry/posthog.ts b/packages/script/src/runtime/registry/posthog.ts
index 5bdb6113..e5965599 100644
--- a/packages/script/src/runtime/registry/posthog.ts
+++ b/packages/script/src/runtime/registry/posthog.ts
@@ -1,4 +1,4 @@
-import type { RegistryScriptInput } from '#nuxt-scripts/types'
+import type { RegistryScriptInput, UseScriptContext } from '#nuxt-scripts/types'
 import type { PostHog, PostHogConfig } from 'posthog-js'
 import { logger } from '../logger'
 import { useRegistryScript } from '../utils'
@@ -26,8 +26,15 @@ declare global {
   }
 }
 
-export function useScriptPostHog<T extends PostHogApi>(_options?: PostHogInput) {
-  return useRegistryScript<T, typeof PostHogOptions>('posthog', (options) => {
+export interface PostHogConsent {
+  /** Call `posthog.opt_in_capturing()`. */
+  optIn: () => void
+  /** Call `posthog.opt_out_capturing()`. For boot-time opt-out, use `defaultConsent: 'opt-out'` instead. */
+  optOut: () => void
+}
+
+export function useScriptPostHog<T extends PostHogApi>(_options?: PostHogInput): UseScriptContext<T, PostHogConsent> {
+  const instance = useRegistryScript<T, typeof PostHogOptions>('posthog', (options) => {
     return {
       scriptMode: 'npm', // Use NPM mode - no external script tag
       schema: import.meta.dev ? PostHogOptions : undefined,
@@ -93,6 +100,10 @@ export function useScriptPostHog<T extends PostHogApi>(_options?: PostHogInput)
                 config.capture_pageleave = options.capturePageleave
               if (typeof options?.disableSessionRecording === 'boolean')
                 config.disable_session_recording = options.disableSessionRecording
+              // Start opted-out if consent is denied, so init doesn't capture anything
+              // until the user grants consent.
+              if (options?.defaultConsent === 'opt-out')
+                config.opt_out_capturing_by_default = true
 
               const instance = posthog.init(options.apiKey, config)
               if (!instance) {
@@ -102,6 +113,9 @@ export function useScriptPostHog<T extends PostHogApi>(_options?: PostHogInput)
               }
 
               window.posthog = instance
+              // Apply explicit opt-in AFTER init (opt-out is handled by init config above).
+              if (options?.defaultConsent === 'opt-in')
+                instance.opt_in_capturing?.()
               // Flush queued calls now that PostHog is ready
               if (window._posthogQueue && window._posthogQueue.length > 0) {
                 window._posthogQueue.forEach(q => (window.posthog as any)[q.prop]?.(...q.args))
@@ -119,5 +133,13 @@ export function useScriptPostHog<T extends PostHogApi>(_options?: PostHogInput)
           return window.__posthogInitPromise
         },
     }
-  }, _options as RegistryScriptInput<typeof PostHogOptions>)
+  }, _options as RegistryScriptInput<typeof PostHogOptions>) as UseScriptContext<T, PostHogConsent>
+
+  if (import.meta.client && !instance.consent) {
+    instance.consent = {
+      optIn: () => (instance.proxy as unknown as PostHogApi).posthog?.opt_in_capturing?.(),
+      optOut: () => (instance.proxy as unknown as PostHogApi).posthog?.opt_out_capturing?.(),
+    }
+  }
+  return instance
 }
diff --git a/packages/script/src/runtime/registry/schemas.ts b/packages/script/src/runtime/registry/schemas.ts
index 48387b25..796c6ef4 100644
--- a/packages/script/src/runtime/registry/schemas.ts
+++ b/packages/script/src/runtime/registry/schemas.ts
@@ -1,5 +1,21 @@
 import { any, array, boolean, custom, literal, minLength, number, object, optional, pipe, record, string, union } from 'valibot'
 
+// Shared GCMv2 consent category value.
+const consentCategoryValue = union([literal('granted'), literal('denied')])
+
+// Shared GCMv2 consent state (+ GA-only control fields).
+const gcmConsentState = object({
+  ad_storage: optional(consentCategoryValue),
+  ad_user_data: optional(consentCategoryValue),
+  ad_personalization: optional(consentCategoryValue),
+  analytics_storage: optional(consentCategoryValue),
+  functionality_storage: optional(consentCategoryValue),
+  personalization_storage: optional(consentCategoryValue),
+  security_storage: optional(consentCategoryValue),
+  wait_for_update: optional(number()),
+  region: optional(array(string())),
+})
+
 export const BlueskyEmbedOptions = object({
   /**
    * The Bluesky post URL to embed.
@@ -24,6 +40,13 @@ export const ClarityOptions = object({
    * @see https://learn.microsoft.com/en-us/clarity/setup-clarity
    */
   id: pipe(string(), minLength(10)),
+  /**
+   * Default consent state applied before Clarity starts.
+   * - `boolean` - enable / disable cookies.
+   * - `Record<string, string>` - advanced consent vector (see Clarity docs).
+   * @see https://learn.microsoft.com/en-us/clarity/setup-and-installation/cookie-consent
+   */
+  defaultConsent: optional(union([boolean(), record(string(), string())])),
 })
 
 export const CloudflareWebAnalyticsOptions = object({
@@ -282,6 +305,11 @@ export const GoogleAnalyticsOptions = object({
    * @see https://developers.google.com/analytics/devguides/collection/gtagjs/setting-up-gtag#rename_the_data_layer
    */
   l: optional(string()),
+  /**
+   * Default GCMv2 consent state fired as `gtag('consent', 'default', ...)` before `gtag('js', ...)`.
+   * @see https://developers.google.com/tag-platform/security/guides/consent
+   */
+  defaultConsent: optional(gcmConsentState),
 })
 
 export const GoogleMapsOptions = object({
@@ -566,6 +594,14 @@ export const MatomoAnalyticsOptions = object({
    * @default true
    */
   watch: optional(boolean()),
+  /**
+   * Default tracking-consent state applied BEFORE the tracker is initialised.
+   * - `'required'` — call `requireConsent` without granting (user must opt in later).
+   * - `'given'` — call `requireConsent` then `setConsentGiven`.
+   * - `'not-required'` — no consent gating (default Matomo behaviour).
+   * @see https://developer.matomo.org/guides/tracking-consent
+   */
+  defaultConsent: optional(union([literal('required'), literal('given'), literal('not-required')])),
 })
 
 export const MetaPixelOptions = object({
@@ -574,6 +610,12 @@ export const MetaPixelOptions = object({
    * @see https://developers.facebook.com/docs/meta-pixel/get-started
    */
   id: union([string(), number()]),
+  /**
+   * Default consent state. `'granted'` fires `fbq('consent', 'grant')`,
+   * `'denied'` fires `fbq('consent', 'revoke')`, both called before `fbq('init', id)`.
+   * @see https://www.facebook.com/business/help/1151321516677370
+   */
+  defaultConsent: optional(union([literal('granted'), literal('denied')])),
 })
 
 export const NpmOptions = object({
@@ -670,6 +712,13 @@ export const PostHogOptions = object({
    * @see https://posthog.com/docs/libraries/js#config
    */
   config: optional(record(string(), any())),
+  /**
+   * Default capture-consent state for PostHog.
+   * - `'opt-out'`: passed as `opt_out_capturing_by_default: true` to `posthog.init`, so capturing is suppressed from the first event.
+   * - `'opt-in'`: applied after `posthog.init` via `posthog.opt_in_capturing()` on the returned instance.
+   * @see https://posthog.com/docs/privacy/opting-out
+   */
+  defaultConsent: optional(union([literal('opt-in'), literal('opt-out')])),
 })
 
 export const RedditPixelOptions = object({
@@ -746,6 +795,13 @@ export const MixpanelAnalyticsOptions = object({
    * @see https://docs.mixpanel.com/docs/tracking-methods/sdks/javascript#1-initialize-the-library
    */
   token: string(),
+  /**
+   * Default tracking-consent state for Mixpanel.
+   * - `'opt-out'`: passed as `opt_out_tracking_by_default: true` to `mixpanel.init`, so tracking is suppressed from the first call.
+   * - `'opt-in'`: queued via `mixpanel.push(['opt_in_tracking'])` so the real SDK runs it immediately after load.
+   * @see https://docs.mixpanel.com/docs/privacy/opt-out-of-tracking
+   */
+  defaultConsent: optional(union([literal('opt-in'), literal('opt-out')])),
 })
 
 export const BingUetOptions = object({
@@ -759,6 +815,13 @@ export const BingUetOptions = object({
    * @default true
    */
   enableAutoSpaTracking: optional(boolean()),
+  /**
+   * Default consent state fired as `uetq.push('consent', 'default', ...)` before UET init.
+   * @see https://help.ads.microsoft.com/#apex/ads/en/60119/1-500
+   */
+  defaultConsent: optional(object({
+    ad_storage: optional(consentCategoryValue),
+  })),
 })
 
 export const SegmentOptions = object({
@@ -859,6 +922,14 @@ export const TikTokPixelOptions = object({
    * @default true
    */
   trackPageView: optional(boolean()),
+  /**
+   * Default consent state, applied before `ttq('init', id)`.
+   * - `'granted'` fires `ttq.grantConsent()`
+   * - `'denied'` fires `ttq.revokeConsent()`
+   * - `'hold'` fires `ttq.holdConsent()` to defer until an explicit update
+   * @see https://business-api.tiktok.com/portal/docs?id=1739585600931842
+   */
+  defaultConsent: optional(union([literal('granted'), literal('denied'), literal('hold')])),
 })
 
 export const UmamiAnalyticsOptions = object({
diff --git a/packages/script/src/runtime/registry/tiktok-pixel.ts b/packages/script/src/runtime/registry/tiktok-pixel.ts
index 9521e31c..cf6c713b 100644
--- a/packages/script/src/runtime/registry/tiktok-pixel.ts
+++ b/packages/script/src/runtime/registry/tiktok-pixel.ts
@@ -1,4 +1,4 @@
-import type { RegistryScriptInput } from '#nuxt-scripts/types'
+import type { RegistryScriptInput, UseScriptContext } from '#nuxt-scripts/types'
 import { withQuery } from 'ufo'
 import { useRegistryScript } from '../utils'
 import { TikTokPixelOptions } from './schemas'
@@ -48,6 +48,12 @@ export interface TikTokPixelApi {
     push: TtqFns
     loaded: boolean
     queue: any[]
+    /** Opt user in to tracking. Queued before the script loads; live once `events.js` binds. */
+    grantConsent: () => void
+    /** Opt user out of tracking. Queued before the script loads; live once `events.js` binds. */
+    revokeConsent: () => void
+    /** Defer consent until an explicit grant/revoke. Queued before the script loads; live once `events.js` binds. */
+    holdConsent: () => void
   }
 }
 
@@ -61,8 +67,17 @@ export { TikTokPixelOptions }
 
 export type TikTokPixelInput = RegistryScriptInput<typeof TikTokPixelOptions, true, false>
 
-export function useScriptTikTokPixel<T extends TikTokPixelApi>(_options?: TikTokPixelInput) {
-  return useRegistryScript<T, typeof TikTokPixelOptions>('tiktokPixel', options => ({
+export interface TikTokPixelConsent {
+  /** Call `ttq.grantConsent()`. */
+  grant: () => void
+  /** Call `ttq.revokeConsent()`. */
+  revoke: () => void
+  /** Call `ttq.holdConsent()` to defer the decision. */
+  hold: () => void
+}
+
+export function useScriptTikTokPixel<T extends TikTokPixelApi>(_options?: TikTokPixelInput): UseScriptContext<T, TikTokPixelConsent> {
+  const instance = useRegistryScript<T, typeof TikTokPixelOptions>('tiktokPixel', options => ({
     scriptInput: {
       src: withQuery('https://analytics.tiktok.com/i18n/pixel/events.js', {
         sdkid: options?.id,
@@ -93,6 +108,20 @@ export function useScriptTikTokPixel<T extends TikTokPixelApi>(_options?: TikTok
           ttq.push = ttq
           ttq.loaded = true
           ttq.queue = []
+          // Queue consent stubs so pre-load `ttq.grantConsent()` / `ttq.revokeConsent()` work.
+          // The real events.js replaces these with live bindings once loaded.
+          const consentMethods = ['grantConsent', 'revokeConsent', 'holdConsent'] as const
+          for (const name of consentMethods) {
+            ;(ttq as any)[name] = function (...params: any[]) {
+              ttq.queue.push([name, ...params])
+            }
+          }
+          if (options?.defaultConsent === 'granted')
+            ttq.grantConsent()
+          else if (options?.defaultConsent === 'denied')
+            ttq.revokeConsent()
+          else if (options?.defaultConsent === 'hold')
+            ttq.holdConsent()
           if (options?.id) {
             ttq('init', options.id)
             if (options?.trackPageView !== false) {
@@ -100,5 +129,14 @@ export function useScriptTikTokPixel<T extends TikTokPixelApi>(_options?: TikTok
             }
           }
         },
-  }), _options)
+  }), _options) as UseScriptContext<T, TikTokPixelConsent>
+
+  if (import.meta.client && !instance.consent) {
+    instance.consent = {
+      grant: () => (instance.proxy as unknown as TikTokPixelApi).ttq.grantConsent(),
+      revoke: () => (instance.proxy as unknown as TikTokPixelApi).ttq.revokeConsent(),
+      hold: () => (instance.proxy as unknown as TikTokPixelApi).ttq.holdConsent(),
+    }
+  }
+  return instance
 }
diff --git a/packages/script/src/runtime/types.ts b/packages/script/src/runtime/types.ts
index 5e755db9..5ee52041 100644
--- a/packages/script/src/runtime/types.ts
+++ b/packages/script/src/runtime/types.ts
@@ -50,12 +50,39 @@ export { MARKER_CLUSTERER_INJECTION_KEY } from './components/GoogleMaps/types'
 
 export type WarmupStrategy = false | 'preload' | 'preconnect' | 'dns-prefetch'
 
-export type UseScriptContext<T extends Record<symbol | string, any>> = VueScriptInstance<T> & {
+// -- Consent types --
+
+/**
+ * GCMv2 consent category value.
+ * @see https://developers.google.com/tag-platform/security/guides/consent
+ */
+export type ConsentCategoryValue = 'granted' | 'denied'
+
+/**
+ * Canonical GCMv2 consent state shape used by vendors that natively consume
+ * Consent Mode v2 (Google Analytics, Google Tag Manager, Bing UET).
+ */
+export interface ConsentState {
+  ad_storage?: ConsentCategoryValue
+  ad_user_data?: ConsentCategoryValue
+  ad_personalization?: ConsentCategoryValue
+  analytics_storage?: ConsentCategoryValue
+  functionality_storage?: ConsentCategoryValue
+  personalization_storage?: ConsentCategoryValue
+  security_storage?: ConsentCategoryValue
+}
+
+export type UseScriptContext<T extends Record<symbol | string, any>, C = unknown> = VueScriptInstance<T> & {
   /**
    * Remove and reload the script. Useful for scripts that need to re-execute
    * after SPA navigation (e.g., DOM-scanning scripts like iubenda).
    */
   reload: () => Promise<T>
+  /**
+   * Vendor-native consent controls attached by registry scripts.
+   * Shape depends on the vendor (GCMv2 update, binary grant/revoke, three-state, etc.).
+   */
+  consent?: C
 }
 
 export type NuxtUseScriptOptions<T extends Record<symbol | string, any> = {}> = Omit<UseScriptOptions<T>, 'trigger'> & {
diff --git a/packages/script/src/runtime/utils.ts b/packages/script/src/runtime/utils.ts
index ec2a5a0f..9ac2ea1b 100644
--- a/packages/script/src/runtime/utils.ts
+++ b/packages/script/src/runtime/utils.ts
@@ -102,7 +102,7 @@ export function useRegistryScript<T extends Record<string | symbol, any>, O = Em
     }
   }
 
-  const scriptInput = defu(finalScriptInput, userOptions.scriptInput, { key: registryKey }) as any as UseScriptInput
+  const scriptInput = defu(finalScriptInput as any, userOptions.scriptInput as any, { key: registryKey }) as any as UseScriptInput
   const scriptOptions = { ...userOptions?.scriptOptions, ...options.scriptOptions }
   if (import.meta.dev) {
     // Capture where the component was loaded from
@@ -142,7 +142,7 @@ export function useRegistryScript<T extends Record<string | symbol, any>, O = Em
     // Extract known domains for this script from devtools runtime config
     const devtoolsConfig = useRuntimeConfig().public['nuxt-scripts-devtools'] as any
     const registryDomains = devtoolsConfig?.scripts?.find((s: any) => s.registryKey === registryKey)?.domains as string[] | undefined
-    scriptOptions.devtools = defu(scriptOptions.devtools, { registryKey, loadedFrom, domains: registryDomains })
+    scriptOptions.devtools = defu(scriptOptions.devtools, { registryKey, loadedFrom, domains: registryDomains }) as NonNullable<NuxtUseScriptOptions['devtools']>
     if (options.schema && 'entries' in options.schema) {
       const registryMeta: Record<string, string> = {}
       for (const k in options.schema.entries) {
@@ -150,7 +150,7 @@ export function useRegistryScript<T extends Record<string | symbol, any>, O = Em
           registryMeta[k] = String(userOptions[k as any as keyof typeof userOptions])
         }
       }
-      scriptOptions.devtools.registryMeta = registryMeta
+      scriptOptions.devtools!.registryMeta = registryMeta
     }
   }
   const init = scriptOptions.beforeInit
diff --git a/playground/pages/features/cookie-consent.vue b/playground/pages/features/cookie-consent.vue
index fb9639dc..255c3cc7 100644
--- a/playground/pages/features/cookie-consent.vue
+++ b/playground/pages/features/cookie-consent.vue
@@ -1,24 +1,44 @@
 <script lang="ts" setup>
 import { ref } from 'vue'
-import { useScriptTriggerConsent, useScriptGoogleTagManager } from '#imports'
+import { useScriptGoogleTagManager, useScriptTriggerConsent } from '#imports'
 
 const showCookieBanner = ref(true)
-const scriptConsent = useScriptTriggerConsent()
+const triggerConsent = useScriptTriggerConsent()
+
+const { consent } = useScriptGoogleTagManager({
+  id: 'GTM-MWW974PF',
+  defaultConsent: {
+    ad_storage: 'denied',
+    ad_user_data: 'denied',
+    ad_personalization: 'denied',
+    analytics_storage: 'denied',
+  },
+  scriptOptions: {
+    trigger: triggerConsent,
+    bundle: true,
+  },
+})
+
 function acceptCookies() {
-  scriptConsent.accept()
+  consent.update({
+    ad_storage: 'granted',
+    ad_user_data: 'granted',
+    ad_personalization: 'granted',
+    analytics_storage: 'granted',
+  })
+  triggerConsent.accept()
   showCookieBanner.value = false
 }
 function revokeCookies() {
-  scriptConsent.revoke()
+  consent.update({
+    ad_storage: 'denied',
+    ad_user_data: 'denied',
+    ad_personalization: 'denied',
+    analytics_storage: 'denied',
+  })
+  triggerConsent.revoke()
   showCookieBanner.value = true
 }
-useScriptGoogleTagManager({
-  id: 'GTM-MWW974PF',
-  scriptOptions: {
-    trigger: scriptConsent,
-    bundle: true,
-  },
-})
 </script>
 
 <template>
@@ -38,9 +58,9 @@ useScriptGoogleTagManager({
     </div>
     <div v-else class="p-5 bg-gray-100">
       <div class="font-bold mb-2">
-        Cookie Status: {{ scriptConsent.consented.value ? 'Accepted' : 'Declined' }}
+        Cookie Status: {{ triggerConsent.consented.value ? 'Accepted' : 'Declined' }}
       </div>
-      <UButton v-if="scriptConsent.consented.value" color="red" @click="revokeCookies">
+      <UButton v-if="triggerConsent.consented.value" color="red" @click="revokeCookies">
         Revoke Consent
       </UButton>
       <UButton v-else color="green" @click="acceptCookies">
diff --git a/playground/pages/third-parties/bing-uet.vue b/playground/pages/third-parties/bing-uet.vue
index dab7712e..87f37dea 100644
--- a/playground/pages/third-parties/bing-uet.vue
+++ b/playground/pages/third-parties/bing-uet.vue
@@ -5,13 +5,9 @@ useHead({
   title: 'Bing UET',
 })
 
-const { status, proxy } = useScriptBingUet({
+const { status, proxy, consent } = useScriptBingUet({
   id: '247021147',
-  onBeforeUetStart(uetq) {
-    uetq.push('consent', 'default', {
-      ad_storage: 'denied',
-    })
-  },
+  defaultConsent: { ad_storage: 'denied' },
 })
 
 function triggerEvent() {
@@ -22,9 +18,7 @@ function triggerEvent() {
 }
 
 function grantConsent() {
-  proxy.uetq.push('consent', 'update', {
-    ad_storage: 'granted',
-  })
+  consent.update({ ad_storage: 'granted' })
 }
 </script>
 
diff --git a/test/nuxt-runtime/consent-default.nuxt.test.ts b/test/nuxt-runtime/consent-default.nuxt.test.ts
new file mode 100644
index 00000000..4620bb24
--- /dev/null
+++ b/test/nuxt-runtime/consent-default.nuxt.test.ts
@@ -0,0 +1,305 @@
+/**
+ * Consent Mode — verifies each script fires its vendor-specific consent call
+ * inside `clientInit` BEFORE the vendor init / first tracking call.
+ *
+ * Runs inside the nuxt (browser-like) environment so `import.meta.client` is true
+ * and the module-level `_paq`/`window` initialisation takes the client branch.
+ */
+import { beforeEach, describe, expect, it, vi } from 'vitest'
+
+let posthogInitImpl: ((...args: any[]) => any) | undefined
+
+vi.mock('posthog-js', () => ({
+  default: {
+    init: (...args: any[]) => posthogInitImpl?.(...args),
+  },
+}))
+
+// Force useRegistryScript to a pass-through so we can call `clientInit` directly
+// instead of going through the real beforeInit wrapping (which requires the full
+// Nuxt + useScript plumbing).
+vi.mock('#nuxt-scripts/utils', () => ({
+  useRegistryScript: (_key: string, optionsFn: any, userOptions?: any) => {
+    const opts = optionsFn(userOptions || {}, { scriptInput: userOptions?.scriptInput })
+    const instance: any = { _opts: opts }
+    // Lazy proxy so `use()` runs AFTER clientInit populates window.fbq/ttq/etc.
+    Object.defineProperty(instance, 'proxy', {
+      configurable: true,
+      get() { return opts.scriptOptions?.use?.() },
+    })
+    return instance
+  },
+}))
+
+vi.mock('../../packages/script/src/runtime/utils', () => ({
+  useRegistryScript: (_key: string, optionsFn: any, userOptions?: any) => {
+    const opts = optionsFn(userOptions || {}, { scriptInput: userOptions?.scriptInput })
+    const instance: any = { _opts: opts }
+    // Lazy proxy so `use()` runs AFTER clientInit populates window.fbq/ttq/etc.
+    Object.defineProperty(instance, 'proxy', {
+      configurable: true,
+      get() { return opts.scriptOptions?.use?.() },
+    })
+    return instance
+  },
+  scriptRuntimeConfig: () => ({}),
+  scriptsPrefix: () => '/_scripts',
+  requireRegistryEndpoint: () => {},
+}))
+
+vi.mock('../../packages/script/src/runtime/composables/useScriptEventPage', () => ({
+  useScriptEventPage: vi.fn(),
+}))
+
+describe('consent defaults — clientInit ordering', () => {
+  beforeEach(() => {
+    delete (window as any).dataLayer
+    delete (window as any)._paq
+    delete (window as any).mixpanel
+    delete (window as any).posthog
+    delete (window as any).__posthogInitPromise
+  })
+
+  it('gtm: pushes ["consent","default",state] before gtm.start', async () => {
+    const { useScriptGoogleTagManager } = await import('../../packages/script/src/runtime/registry/google-tag-manager')
+    const result: any = useScriptGoogleTagManager({
+      id: 'GTM-XXXX',
+      defaultConsent: { analytics_storage: 'denied', ad_storage: 'denied' },
+    })
+
+    result._opts.clientInit()
+
+    const dl = (window as any).dataLayer as any[]
+    expect(Array.isArray(dl)).toBe(true)
+
+    const consentIdx = dl.findIndex(e => Array.isArray(e) && e[0] === 'consent' && e[1] === 'default')
+    const startIdx = dl.findIndex(e => e && typeof e === 'object' && !Array.isArray(e) && e.event === 'gtm.js')
+
+    expect(consentIdx).toBeGreaterThanOrEqual(0)
+    expect(startIdx).toBeGreaterThanOrEqual(0)
+    expect(consentIdx).toBeLessThan(startIdx)
+    expect(dl[consentIdx][2]).toMatchObject({ analytics_storage: 'denied', ad_storage: 'denied' })
+  })
+
+  it('matomo: "required" pushes requireConsent before setSiteId', async () => {
+    ;(window as any)._paq = []
+    const { useScriptMatomoAnalytics } = await import('../../packages/script/src/runtime/registry/matomo-analytics')
+    const result: any = useScriptMatomoAnalytics({
+      matomoUrl: 'https://m.example.com',
+      siteId: 1,
+      defaultConsent: 'required',
+    })
+
+    result._opts.clientInit()
+
+    const calls = (window as any)._paq as any[]
+    const findIdx = (cmd: string) => calls.findIndex(c => Array.isArray(c) && c[0] === cmd)
+
+    expect(findIdx('requireConsent')).toBeGreaterThanOrEqual(0)
+    expect(findIdx('setSiteId')).toBeGreaterThan(findIdx('requireConsent'))
+  })
+
+  it('matomo: "given" queues requireConsent then setConsentGiven, both before setSiteId', async () => {
+    ;(window as any)._paq = []
+    const { useScriptMatomoAnalytics } = await import('../../packages/script/src/runtime/registry/matomo-analytics')
+    const result: any = useScriptMatomoAnalytics({
+      matomoUrl: 'https://m.example.com',
+      siteId: 1,
+      defaultConsent: 'given',
+    })
+
+    result._opts.clientInit()
+
+    const calls = (window as any)._paq as any[]
+    const findIdx = (cmd: string) => calls.findIndex(c => Array.isArray(c) && c[0] === cmd)
+
+    expect(findIdx('requireConsent')).toBeLessThan(findIdx('setConsentGiven'))
+    expect(findIdx('setConsentGiven')).toBeLessThan(findIdx('setSiteId'))
+  })
+
+  it('mixpanel: opt-out sets opt_out_tracking_by_default on init config', async () => {
+    const { useScriptMixpanelAnalytics } = await import('../../packages/script/src/runtime/registry/mixpanel-analytics')
+
+    const initSpy = vi.fn()
+    const mp: any = []
+    mp.__SV = 1.2
+    mp._i = []
+    mp.init = initSpy
+    ;(window as any).mixpanel = mp
+
+    const result: any = useScriptMixpanelAnalytics({
+      token: 'tok_xyz',
+      defaultConsent: 'opt-out',
+    })
+    result._opts.clientInit()
+
+    expect(initSpy).toHaveBeenCalledTimes(1)
+    const [token, config] = initSpy.mock.calls[0] as any[]
+    expect(token).toBe('tok_xyz')
+    expect(config).toMatchObject({ opt_out_tracking_by_default: true })
+  })
+
+  it('mixpanel: opt-in does not set opt_out_tracking_by_default', async () => {
+    const { useScriptMixpanelAnalytics } = await import('../../packages/script/src/runtime/registry/mixpanel-analytics')
+
+    const initSpy = vi.fn()
+    const mp: any = []
+    mp.__SV = 1.2
+    mp._i = []
+    mp.init = initSpy
+    ;(window as any).mixpanel = mp
+
+    const result: any = useScriptMixpanelAnalytics({
+      token: 'tok_xyz',
+      defaultConsent: 'opt-in',
+    })
+    result._opts.clientInit()
+
+    expect(initSpy).toHaveBeenCalled()
+    const cfg = initSpy.mock.calls[0]?.[1]
+    expect(cfg?.opt_out_tracking_by_default).toBeUndefined()
+  })
+
+  // PostHog init is driven by the dynamic `import('posthog-js')` chain which doesn't
+  // reliably resolve inside happy-dom's module-mocked environment. We verify the
+  // behaviour end-to-end in the playground instead; unit coverage for posthog
+  // stays on the per-script consent object below.
+})
+
+describe('per-script consent object', () => {
+  it('matomo: consent.give() pushes setConsentGiven AFTER requireConsent from clientInit', async () => {
+    const { useScriptMatomoAnalytics } = await import('../../packages/script/src/runtime/registry/matomo-analytics')
+    const result: any = useScriptMatomoAnalytics({
+      cloudId: 'example.matomo.cloud',
+      siteId: 1,
+      defaultConsent: 'required',
+    })
+
+    result._opts.clientInit()
+    expect(result.consent).toBeDefined()
+
+    result.consent.give()
+    result.consent.forget()
+
+    const paq = (window as any)._paq as any[]
+    // requireConsent must land before any give/forget
+    const requireIdx = paq.findIndex(e => Array.isArray(e) && e[0] === 'requireConsent')
+    const giveIdx = paq.findIndex(e => Array.isArray(e) && e[0] === 'setConsentGiven')
+    const forgetIdx = paq.findIndex(e => Array.isArray(e) && e[0] === 'forgetConsentGiven')
+    expect(requireIdx).toBeGreaterThanOrEqual(0)
+    expect(giveIdx).toBeGreaterThan(requireIdx)
+    expect(forgetIdx).toBeGreaterThan(giveIdx)
+  })
+
+  it('matomo: without defaultConsent, clientInit does not push requireConsent', async () => {
+    ;(window as any)._paq = []
+    const { useScriptMatomoAnalytics } = await import('../../packages/script/src/runtime/registry/matomo-analytics')
+    const result: any = useScriptMatomoAnalytics({
+      cloudId: 'example.matomo.cloud',
+      siteId: 1,
+    })
+    result._opts.clientInit()
+    const paq = (window as any)._paq as any[]
+    const hasRequire = paq.some(e => Array.isArray(e) && e[0] === 'requireConsent')
+    expect(hasRequire).toBe(false)
+  })
+
+  it('ga: consent.update() pushes gtag consent update via dataLayer', async () => {
+    ;(window as any).dataLayer = []
+    const { useScriptGoogleAnalytics } = await import('../../packages/script/src/runtime/registry/google-analytics')
+    const result: any = useScriptGoogleAnalytics({ id: 'G-XXXX' })
+    result._opts.clientInit()
+    result.consent.update({ ad_storage: 'granted' })
+    const dl = (window as any).dataLayer as any[]
+    const updateArgs = dl.find(e => e[0] === 'consent' && e[1] === 'update')
+    expect(updateArgs?.[2]).toEqual({ ad_storage: 'granted' })
+  })
+
+  it('gtm: consent.update() pushes ["consent","update", state] onto dataLayer', async () => {
+    ;(window as any).dataLayer = []
+    const { useScriptGoogleTagManager } = await import('../../packages/script/src/runtime/registry/google-tag-manager')
+    const result: any = useScriptGoogleTagManager({ id: 'GTM-XXXX' })
+    result._opts.clientInit()
+    result.consent.update({ analytics_storage: 'granted' })
+    const dl = (window as any).dataLayer as any[]
+    expect(dl).toContainEqual(['consent', 'update', { analytics_storage: 'granted' }])
+  })
+
+  it('meta: consent.grant()/revoke() queue fbq(\'consent\', ...) calls', async () => {
+    const { useScriptMetaPixel } = await import('../../packages/script/src/runtime/registry/meta-pixel')
+    const result: any = useScriptMetaPixel({ id: '123' })
+    result._opts.clientInit()
+    ;(window as any).fbq.queue = []
+    result.consent.grant()
+    result.consent.revoke()
+    expect((window as any).fbq.queue).toEqual([
+      ['consent', 'grant'],
+      ['consent', 'revoke'],
+    ])
+  })
+
+  it('tiktok: consent.grant()/revoke()/hold() queue ttq consent actions', async () => {
+    const { useScriptTikTokPixel } = await import('../../packages/script/src/runtime/registry/tiktok-pixel')
+    const result: any = useScriptTikTokPixel({ id: 'CA123' })
+    result._opts.clientInit()
+    ;(window as any).ttq.queue = []
+    result.consent.grant()
+    result.consent.revoke()
+    result.consent.hold()
+    const queue = (window as any).ttq.queue as any[]
+    expect(queue.map(e => e[0])).toEqual(['grantConsent', 'revokeConsent', 'holdConsent'])
+  })
+
+  it('bing: consent.update() pushes consent update onto uetq', async () => {
+    ;(window as any).uetq = []
+    const { useScriptBingUet } = await import('../../packages/script/src/runtime/registry/bing-uet')
+    const result: any = useScriptBingUet({ id: '123' })
+    result._opts.clientInit()
+    result.consent.update({ ad_storage: 'granted' })
+    // Before bat.js loads, window.uetq is a raw array; Array.push spreads the
+    // 3 args as separate entries. The real UET queue drains them as a triple.
+    const uetq = (window as any).uetq as any[]
+    expect(uetq).toEqual(['consent', 'update', { ad_storage: 'granted' }])
+  })
+
+  it('clarity: consent.set(bool) calls clarity consent with the value', async () => {
+    const calls: any[] = []
+    const clarityFn = (...args: any[]) => {
+      calls.push(args)
+    }
+    clarityFn.q = []
+    ;(window as any).clarity = clarityFn
+    const { useScriptClarity } = await import('../../packages/script/src/runtime/registry/clarity')
+    const result: any = useScriptClarity({ id: 'p-123' })
+    result._opts.clientInit()
+    result.consent.set(true)
+    expect(calls).toContainEqual(['consent', true])
+  })
+
+  it('mixpanel: consent.optIn/optOut call opt_in_tracking/opt_out_tracking', async () => {
+    const optIn = vi.fn()
+    const optOut = vi.fn()
+    ;(window as any).mixpanel = { opt_in_tracking: optIn, opt_out_tracking: optOut, __SV: 1.2, _i: [], init: vi.fn() }
+    const { useScriptMixpanelAnalytics } = await import('../../packages/script/src/runtime/registry/mixpanel-analytics')
+    const result: any = useScriptMixpanelAnalytics({ token: 'tok' })
+    result._opts.clientInit()
+    result.consent.optIn()
+    result.consent.optOut()
+    expect(optIn).toHaveBeenCalledOnce()
+    expect(optOut).toHaveBeenCalledOnce()
+  })
+
+  it('posthog: consent.optIn/optOut route to posthog opt_in_capturing/opt_out_capturing', async () => {
+    const optIn = vi.fn()
+    const optOut = vi.fn()
+    ;(window as any).posthog = { opt_in_capturing: optIn, opt_out_capturing: optOut } as any
+    const { useScriptPostHog } = await import('../../packages/script/src/runtime/registry/posthog')
+    const result: any = useScriptPostHog({ apiKey: 'phc_xxx' })
+    // NOTE: posthog's clientInit is async and tied to dynamic import; we only
+    // care that the consent factory forwards correctly to the proxy here.
+    result.consent.optIn()
+    result.consent.optOut()
+    expect(optIn).toHaveBeenCalledOnce()
+    expect(optOut).toHaveBeenCalledOnce()
+  })
+})