Extension Details
Rating:
4.4 ★
(28 ratings)
Users:
5,000
Context-Aware Verdict
This section provides a Claude-based AI analysis that applies additional context to the risk. Results are not guaranteed to be accurate.
HIGH
Overall Risk
Trust Factors: The extension has a decent user base of 5,000 downloads and a solid 4.4-star rating from 28 reviews, suggesting users find it functional. The specific purpose of viewing JPEG XL files is legitimate and addresses a real need since native browser support for this format is limited. However, the lack of developer information and company details reduces transparency and accountability.
Concerns: The extension's permissions are extremely broad relative to its stated purpose. For a simple image viewer, requesting access to all websites and the ability to inject content scripts everywhere is excessive and concerning. The declarativeNetRequest permission combined with all_urls access creates potential for network manipulation. The unsafe WebAssembly execution policy, while possibly necessary for image processing, introduces additional security risks by allowing potentially obfuscated code execution.
Recommendations: Given the high-risk permissions that seem disproportionate to the extension's functionality, consider running this in a separate Chrome profile to isolate potential security impacts. Before installing, verify if your browser has native JPEG XL support or if there are alternative viewers with more restrictive permissions. If you must use this extension, monitor your browsing activity for any unusual behavior and consider disabling it when not actively viewing JPEG XL files. The broad permissions suggest this extension could access sensitive data across all websites you visit.
Findings
This section provides a detailed analysis of the extension's security posture, without broader context. Assumes worst-case impact.
HIGH
Broad Content Script Injection
This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.
HIGH
Broad Host Permissions
This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.
HIGH
Unsafe WebAssembly Execution
This extension's Content Security Policy allows 'wasm-unsafe-eval', which permits potentially dangerous WebAssembly code execution. This could be used to hide malicious code or perform CPU-intensive operations.
Security Analysis Details
Required Permissions:
- declarativeNetRequest
Host Permissions:
- <all_urls>
Content Security Policy:
- extension_pages: object-src 'self'; script-src 'self' 'wasm-unsafe-eval'
Embedded URLs (15 total):
| https://clients2.google.com/service/update2/crx | http://site.com/etc/etc | |
| http://kripken.github.io/emscripten-site/docs/api_reference/preamble.js.html | https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Math/imul | |
| https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Math/fround | https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Math/clz32 | |
| https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Math/trunc | https://github.com/google/closure-compiler/pull/3913 | |
| https://github.com/github/fetch/pull/92#issuecomment-140665932 | https://emscripten.org/docs/getting_started/FAQ.html#how-do-i-run-a-local-webserver-for-testing-why-does-my-program-stall-in-downloading-or-preparing | |
| https://github.com/emscripten-core/emscripten/pull/16917 | https://github.com/google/closure-compiler/issues/3193 | |
| http://en.wikipedia.org/wiki/UTF-8#Description | https://www.ietf.org/rfc/rfc2279.txt | |
| https://tools.ietf.org/html/rfc3629 |
Raw Manifest
{ "name": "JPEG XL Viewer", "icons": { "16": "img/icon_16.png", "24": "img/icon_24.png", "32": "img/icon_32.png", "48": "img/icon_48.png", "64": "img/icon_64.png", "128": "img/icon_128.png", "256": "img/icon_256.png" }, "action": { "default_icon": { "19": "img/icon_19.png", "38": "img/icon_38.png" }, "default_title": "JPEG XL Viewer" }, "version": "0.3.0", "update_url": "https://clients2.google.com/service/update2/crx", "description": "Displays JPEG XL images.", "permissions": [ "declarativeNetRequest" ], "version_name": "0.3.0", "content_scripts": [ { "js": [ "main.js" ], "run_at": "document_start", "matches": [ "<all_urls>" ] } ], "host_permissions": [ "<all_urls>" ], "manifest_version": 3, "minimum_chrome_version": "88", "content_security_policy": { "extension_pages": "object-src 'self'; script-src 'self' 'wasm-unsafe-eval'" }, "declarative_net_request": { "rule_resources": [ { "id": "rules", "path": "rules.json", "enabled": true } ] }, "web_accessible_resources": [ { "matches": [ "<all_urls>" ], "resources": [ "worker.js", "libjxl.js", "libjxl.wasm" ] } ], "browser_specific_settings": { "gecko": { "id": "jxl@twdb.moe" } } }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
Loading Secure Annex data...
Unable to load Secure Annex data.
This extension may not yet be analyzed by Secure Annex.
Detections
0Critical
0
High
0
Medium
0
Low
0
Has Verdicts
Yes
Manifest Findings
0Critical
0
High
0
Medium
0
Low
0
Secure Annex analyzed version: -