Don't trust, verify (the code). Just 60 lines! No third-party code.
Usable offline: open verifiable-aes-gcm-file-encryption.html in a browser.
The encrypted file is indistinguishable from a random sequence of bytes (there are no identifiers).
Avoid passwords as there is no KDF. Instead, prefer high-entropy passphrases because they are easier to remember (e.g. 6 words have over 128 bits of entropy in wiktionary-passphrase-generation.html).
Details: AES-256-GCM. Key is SHA-256(passphrase). Encrypted file is random 12-byte IV + ciphertext + 16-byte tag. Uses window.crypto browser API (no homemade crypto).
Maximum file size: ~64 GiB (NIST SP 800-38D sec. 5.2.1.1). File size must be less than available RAM as there is no streaming.