Extension Details
Developer:
foxified.org
Rating:
4.8 ★
(6.9K ratings)
Size:
571KiB
Last Updated:
August 9, 2024
Users:
1,000,000
Context-Aware Verdict
This section provides a Claude-based AI analysis that applies additional context to the risk. Results are not guaranteed to be accurate.
MEDIUM
Risk Level
Trust Factors:
- The extension has a relatively high number of users (1,000,000) and a good rating (4.8/5), which suggests that it is a popular and well-received extension.
- The developer information is provided (foxified.org), which adds some transparency.
Concerns:
- The extension requests the "unlimitedStorage" permission, which allows it to store an unlimited amount of data locally. This could potentially be a privacy concern if the extension collects and stores sensitive user data.
- The extension has broad host permissions that allow it to access many or all websites. This could potentially be used to track browsing activity or steal sensitive data from websites.
Recommendations:
- Review the extension's privacy policy and terms of service to understand how user data is collected, used, and stored.
- Consider running the extension in a separate Chrome profile or incognito mode to isolate it from your main browsing session and limit potential privacy risks.
- Monitor the extension's behavior and resource usage to ensure it is not engaging in any suspicious activities.
- Keep the extension updated to the latest version to ensure any security vulnerabilities are patched.
- If you have concerns about the extension's permissions or behavior, consider uninstalling it and finding an alternative with fewer permissions or better privacy practices.
Security Analysis
This section provides a detailed analysis of the extension's security posture, without broader context. Assumes worst-case impact.
MEDIUM
Overall Risk
Based on 3 total findings, ranked without considering overall context, including 1 high-risk and 2 medium-risk findings.
HIGH
Broad Host Permissions
This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.
MEDIUM
Medium-Risk Permission: storage
This extension has the storage permission. Can store data locally.
MEDIUM
Medium-Risk Permission: unlimitedStorage
This extension has the unlimitedStorage permission. Can store unlimited data locally.
Security Analysis Details
Required Permissions:
- alarms
- storage
- unlimitedStorage
- offscreen
- scripting
- sidePanel
Optional Permissions:
- tabs
- downloads
Host Permissions:
- https://addons.cdn.mozilla.net/user-media/addons/*
Embedded URLs (21 total):
| https://fonts.googleapis.com/css2?family=Inter:wght@400 | http://www.w3.org/2000/svg | |
| http://stuartk.com/jszip | https://raw.github.com/Stuk/jszip/main/LICENSE.markdown. | |
| https://github.com/nodeca/pako/blob/main/LICENSE | https://stuk.github.io/jszip/documentation/howto/read_zip.html | |
| https://addons.mozilla.org/en-US/firefox/addon/ | https://addons.mozilla.org/firefox/downloads/latest/ | |
| https://foxified.org/installed | https://foxified.org/warning | |
| https://www.google-analytics.com/mp/collect | https://github.com/uuidjs/uuid#getrandomvalues-not-supported | |
| https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/runtime/onMessage | https://vuejs.org/error-reference/#runtime- | |
| http://www.w3.org/1998/Math/MathML | http://www.w3.org/1999/xlink | |
| https://clients2.google.com/service/update2/crx | https://foxified.org | |
| https://addons.mozilla.org/ | https://addons.cdn.mozilla.net/user-media/addons/ | |
| https://foxified.org/ |
Raw Manifest
{ "name": "__MSG_extName__", "icons": { "16": "assets/img/icon-16px.png", "19": "assets/img/icon-19px.png", "38": "assets/img/icon-38px.png", "48": "assets/img/icon-48px.png", "128": "assets/img/icon-128px.png" }, "action": { "default_icon": "assets/img/icon-38px.png", "default_popup": "ff-popup.html" }, "author": "Foxified", "sandbox": { "pages": [ "ff-sandbox.html" ] }, "version": "2.1.1", "background": { "service_worker": "assets/js/ff-background.js" }, "options_ui": { "page": "ff-options.html", "open_in_tab": true }, "side_panel": { "default_path": "ff-sidepanel.html" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_extDescription__", "permissions": [ "alarms", "storage", "unlimitedStorage", "offscreen", "scripting", "sidePanel" ], "homepage_url": "https://foxified.org", "default_locale": "en", "content_scripts": [ { "js": [ "assets/js/ff-store.js" ], "run_at": "document_start", "matches": [ "https://addons.mozilla.org/*/firefox/addon/*" ] } ], "host_permissions": [ "https://addons.cdn.mozilla.net/user-media/addons/*" ], "manifest_version": 3, "optional_permissions": [ "tabs", "downloads" ], "externally_connectable": { "matches": [ "https://foxified.org/*" ] }, "minimum_chrome_version": "120", "optional_host_permissions": [ "http://*/*", "https://*/*" ] }
Secure Annex (beta)
Coming soon...