Extension Details
Context-Aware Verdict
The extension has a solid user base of 10,000 users with a strong 4.6-star rating from 74 reviews, indicating positive user experiences. The developer uses the domain sokolov.cc, which suggests some level of professional presence. The extension's purpose - injecting custom CSS into web pages - is clearly defined and legitimate.
The activeTab permission allows the extension to access and modify content on any website you visit when activated, which is necessary for CSS injection but creates potential for misuse. The storage permission enables data persistence, which could theoretically be used to collect browsing patterns or site modifications. While these permissions align with the extension's stated functionality, they provide broad access capabilities that could be exploited if the extension were compromised or malicious.
The relatively small user base compared to major extensions means less community oversight, and the lack of detailed developer information makes it harder to verify trustworthiness.
Consider running this extension in a separate Chrome profile if you plan to use it on sensitive websites. Regularly review what CSS modifications you've saved and remove unused ones. Monitor the extension's behavior for any unexpected network requests or data collection. Given the moderate risk level and legitimate use case, the extension appears safe for general use but warrants basic caution when used on sites containing sensitive information.
Findings
Security Analysis Details
Required Permissions:
- activeTab
- scripting
- storage
Embedded URLs (12 total):
| https://clients2.google.com/service/update2/crx | https://codemirror.net/5/LICENSE | |
| https://codemirror.net/5 | http://marijnhaverbeke.nl/blog/#cm-internals | |
| http://unicode.org/reports/tr9/tr9-13.html | https://github.com/codemirror/CodeMirror/pull/5673 | |
| https://bugs.chromium.org/p/chromium/issues/detail?id=489206 | http://marijnhaverbeke.nl/blog/codemirror-line-tree.html | |
| https://github.com/denis-sokolov/chrome-custom-css/issues/1 | https://github.com/denis-sokolov/chrome-custom-css | |
| https://thenounproject.com/kapklam/uploads/?i=524479 | https://codemirror.net/5/ |
Raw Manifest
{ "name": "__MSG_extension_name__", "icons": { "16": "src/icons/16.png", "48": "src/icons/48.png", "128": "src/icons/128.png", "256": "src/icons/256.png" }, "action": { "default_popup": "src/popup/index.html" }, "version": "1.4.0", "background": { "type": "module", "service_worker": "src/background/index.js" }, "short_name": "__MSG_extension_short_name__", "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_extension_description__", "permissions": [ "activeTab", "scripting", "storage" ], "default_locale": "en", "manifest_version": 3, "optional_host_permissions": [ "http://*/", "https://*/" ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.