Extension Details
Developer:
hocgin.top
Rating:
4.0 ★
(19 ratings)
Users:
3,000
Context-Aware Verdict
This section provides a Claude-based AI analysis that applies additional context to the risk. Results are not guaranteed to be accurate.
CRITICAL
Overall Risk
Trust Factors: This extension has several concerning trust indicators. With only 3,000 users and 19 reviews, it has a very small user base for verification. The 4.0 rating provides some positive signal, but the limited review count makes this less reliable. The developer domain "hocgin.top" is not a well-known or established company, raising questions about accountability and long-term support.
Concerns: The extension requests extremely broad permissions that far exceed what's necessary for a basic RSS reader. The <all_urls> host permission combined with content script injection on all websites creates significant privacy and security risks. The tabs permission allows monitoring of all browsing activity. Most concerning is the unsafe WebAssembly execution policy, which could hide malicious code. The content scripts targeting specific SSO domains (sso.hocgin.top/com) suggest potential data collection from authentication systems. These permissions would allow the extension to read sensitive data from banking sites, steal credentials, and track all browsing behavior.
Recommendations: Do not install this extension due to its critical risk level. If RSS reading functionality is needed, choose a well-established alternative with minimal permissions from a reputable developer. The combination of broad access permissions, unsafe execution policies, and unknown developer makes this extension unsuitable for any security-conscious environment. Consider using web-based RSS readers or extensions from verified publishers with transparent privacy policies instead.
Findings
This section provides a detailed analysis of the extension's security posture, without broader context. Assumes worst-case impact.
HIGH
Broad Content Script Injection
This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.
HIGH
Broad Host Permissions
This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.
HIGH
High-Risk Permission: tabs
This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.
HIGH
Unsafe WebAssembly Execution
This extension's Content Security Policy allows 'wasm-unsafe-eval', which permits potentially dangerous WebAssembly code execution. This could be used to hide malicious code or perform CPU-intensive operations.
MEDIUM
Medium-Risk Permission: contextMenus
This extension has the contextMenus permission. Can add items to the context menu.
MEDIUM
Medium-Risk Permission: notifications
This extension has the notifications permission. Can show notifications.
MEDIUM
Medium-Risk Permission: storage
This extension has the storage permission. Can store data locally.
Security Analysis Details
Required Permissions:
- tabs
- contextMenus
- storage
- scripting
- offscreen
- declarativeNetRequest
- notifications
Host Permissions:
- <all_urls>
Content Security Policy:
- extension_pages: script-src 'self' 'wasm-unsafe-eval'; object-src 'self'
Embedded URLs (122 total):
| https://cdn.hocgin.top/icons/20220222.addone-rss-reader.png | http://json-schema.org/draft-06/schema# | |
| http://json-schema.org/draft-07/schema | http://json-schema.org/schema | |
| https://www.hocgin.top | https://sso.hocgin.com/logout | |
| https://sso.hocgin.com | https://feed.hocgin.com | |
| https://github.com/dchest/tweetnacl-util-js | http://json-schema.org/draft-07/schema# | |
| https://github.com/ajv-validator/ajv/blob/master/lib/definition_schema.js | https://sso.hocgin.com/?redirectUrl=http://sso.hocgin.com/addone/ | |
| https://rss.hocgin.top/rss/api/rss/pulls | https://reactjs.org/docs/error-decoder.html?invariant= | |
| http://www.w3.org/1999/xlink | http://www.w3.org/XML/1998/namespace | |
| http://www.w3.org/2000/svg | http://www.w3.org/1998/Math/MathML | |
| http://www.w3.org/1999/xhtml | https://logspot.hocgin.top/ | |
| https://sso.hocgin.top/addone/ | https://sso.hocgin.top/login? | |
| https://logspot.hocgin.top/donate? | http://sso.hocgin.top/addone/ | |
| http://sso.hocgin.com/addone/ | https://sso.hocgin.com/addone/ | |
| https://sso.hocgin.top/welcome | https://raw.githubusercontent.com/ajv-validator/ajv/master/lib/refs/data.json# | |
| https://metafy.hocgin.top/api? | https://github.com/uuidjs/uuid#getrandomvalues-not-supported | |
| http://www.w3.org/2000/xmlns/ | https://github.com/browserify/crypto-browserify | |
| https://edge.microsoft.com/translate/auth | https://api-edge.cognitive.microsofttranslator.com/translate | |
| https://license.hocgin.com/projects/ | https://tinyurl.com/y2uuvskb | |
| http://bit.ly/2kdckMn | https://github.com/indutny/elliptic/issues | |
| https://github.com/indutny/elliptic | https://example.com | |
| https://clients2.google.com/service/update2/crx | https://logspot.hocgin.top/addone-rss-reader | |
| http://sso.hocgin.top/addone/addone-rss-reader/redirect | http://sso.hocgin.com/addone/addone-rss-reader/redirect | |
| https://sso.hocgin.top/addone/addone-rss-reader/redirect | https://sso.hocgin.com/addone/addone-rss-reader/redirect | |
| http://cdn.hocgin.top/icons/LXGWWenKaiGBScreen.ttf | http://docs.neo4j.org/chunked/milestone/query-function.html | |
| https://crystal-lang.org/api/0.36.1/Object.html#macro-summary | https://crystal-lang.org/api/0.36.1/toplevel.html | |
| https://crystal-lang.org/reference/syntax_and_semantics/literals/string.html | https://cdn.hocgin.top/icons/20240219.rss-reader.preview.gif | |
| http://cdn.hocgin.top/icons/7511710333360_.pic.jpg | http://cdn.hocgin.top/icons/7501710333312_.pic.jpg | |
| https://feed.hocgin.com/feed/search | https://github.com/microsoft/vscode/blob/fd4346210f59135fad81a8b8c4cea7bf5a9ca6b4/extensions/typescript-basics/syntaxes/TypeScript.tmLanguage.json#L4002-L4020 | |
| https://logspot.hocgin.top/donate | https://cdn.hocgin.top/uPic/mp-logo.jpg | |
| https://prosemirror.net/docs/guide/#generatable | https://github.com/textmate/swift.tmbundle/issues/29 | |
| https://github.com/microsoft/vscode-textmate/issues/140#issuecomment-1793610346 | https://github.com/microsoft/vscode-textmate/issues/164 | |
| http://manual.phpdoc.org/HTMLframesConverter/default/phpDocumentor/tutorial_phpDocumentor.howto.pkg.html#basics.docblocktemplate | http://www.php.net/manual/en/language.types.string.php#language.types.string.parsing | |
| https://github.com/kylebarron/language-stata/issues/53 | http://fb.me/use-check-prop-types | |
| https://docs.microsoft.com/en-us/azure/kusto/query/statements | https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/datatypes-string-operators | |
| https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/clusterfunction | https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/tablefunction | |
| https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/betweenoperator | https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/binoperators | |
| https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/binary-notfunction | https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/in-cs-operator | |
| https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/rangefunction | https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/scalarfunctions | |
| https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/binfunction | https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/count-aggfunction | |
| https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/aggregation-functions | https://learn.microsoft.com/en-us/azure/data-explorer/kusto/query/geospatial-grid-systems |
Page 1 of 2
Raw Manifest
{ "name": "__MSG_extension_name__", "icons": { "16": "$_logo_16.png", "32": "$_logo_32.png", "48": "$_logo_48.png", "128": "$_logo_128.png" }, "action": { "default_popup": "$popup.html", "default_title": "__MSG_extension_action_title__" }, "version": "0.0.40", "background": { "service_worker": "background.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_extension_description__", "permissions": [ "tabs", "contextMenus", "storage", "scripting", "offscreen", "declarativeNetRequest", "notifications" ], "homepage_url": "https://logspot.hocgin.top/addone-rss-reader", "options_page": "$options.html", "default_locale": "en", "content_scripts": [ { "js": [ "contentScript_0.js" ], "css": [], "run_at": "document_start", "matches": [ "http://sso.hocgin.top/addone/addone-rss-reader/redirect*", "http://sso.hocgin.com/addone/addone-rss-reader/redirect*", "https://sso.hocgin.top/addone/addone-rss-reader/redirect*", "https://sso.hocgin.com/addone/addone-rss-reader/redirect*" ], "all_frames": false }, { "js": [ "contentScript_1.js" ], "css": [], "run_at": "document_start", "matches": [ "*://feed.hocgin.com/feed/search*" ], "all_frames": false }, { "js": [ "contentScript_2.js" ], "css": [], "run_at": "document_start", "matches": [ "*://*/*" ], "all_frames": false } ], "host_permissions": [ "<all_urls>" ], "manifest_version": 3, "minimum_chrome_version": "88", "content_security_policy": { "extension_pages": "script-src 'self' 'wasm-unsafe-eval'; object-src 'self'" }, "web_accessible_resources": [ { "matches": [ "<all_urls>" ], "resources": [ "umi.css", "umi.js", "dashboard.html" ] } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
Loading Secure Annex data...
Unable to load Secure Annex data.
This extension may not yet be analyzed by Secure Annex.
Detections
0Critical
0
High
0
Medium
0
Low
0
Has Verdicts
Yes
Manifest Findings
0Critical
0
High
0
Medium
0
Low
0
Secure Annex analyzed version: -