If you're not a JavaScript developer, that's not so easy to do with NoScript, unfortunately, because you'd have to allow the file to load, or pause it with a debugger, to see what is actually going on. Some scripts are also loaded at runtime.
LibreJS will list every script and its contents if it's not marked with a free license, but since it will refuse to execute it, it will not load anything that is dynamically loaded at runtime. But a malicious script could just mark itself as free to get around that.
Yes, and given the prevalence of javascript in 2015, I don't see this as a practical option at all for actually using the Internet.
Chrome canary + uBlock *uMatrix (which lets you allow images / scripts / css / XHR selectively per-domain) is about as much as I can stand to maintain.
LibreJS will list every script and its contents if it's not marked with a free license, but since it will refuse to execute it, it will not load anything that is dynamically loaded at runtime. But a malicious script could just mark itself as free to get around that.
It's a bad situation all-around.