Extension Details
Developer:
http://wildfire.ai/
Rating:
3.7 ★
(95 ratings)
Users:
9,000
Context-Aware Verdict
This section provides a Claude-based AI analysis that applies additional context to the risk. Results are not guaranteed to be accurate.
CRITICAL
Overall Risk
Trust Factors:
The extension has a moderate user base of 9,000 downloads and an average rating of 3.7 stars from 95 reviews, suggesting mixed user experiences. The developer website (wildfire.ai) provides some legitimacy, but the lack of detailed developer information and the extension's broad permission scope raise concerns about transparency and accountability.
Concerns:
This extension exhibits extremely concerning permission patterns that far exceed what most legitimate extensions require. The combination of clipboard access, proxy control, web request interception, cookie manipulation, and debugger permissions creates a perfect storm for data theft and system compromise. The ability to access all URLs combined with web request blocking means this extension can intercept, modify, or steal any data you transmit online. The unsafe JavaScript evaluation policy further amplifies security risks by allowing dynamic code execution. The extensive permission set suggests potential malware or spyware functionality rather than legitimate utility.
Recommendations:
Do not install this extension under any circumstances. The permission combination is characteristic of malicious software designed for data harvesting, credential theft, or system compromise. If you must evaluate it for research purposes, use a completely isolated virtual machine with no sensitive data. Consider reporting this extension to Chrome's security team. Look for alternative extensions with minimal, purpose-specific permissions from well-established developers with clear privacy policies.
Findings
This section provides a detailed analysis of the extension's security posture, without broader context. Assumes worst-case impact.
HIGH
Dangerous Permission Combination: webRequest + webRequestBlocking
This extension can intercept, modify, and block web requests in real-time. This combination could be used to modify sensitive web traffic or steal data.
HIGH
High-Risk Permission: <all_urls>
This extension has the <all_urls> permission. Can access all websites and their content. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: clipboardRead
This extension has the clipboardRead permission. Can read clipboard content. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: clipboardWrite
This extension has the clipboardWrite permission. Can modify clipboard content. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: cookies
This extension has the cookies permission. Can access and modify browser cookies. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: debugger
This extension has the debugger permission. Can debug and manipulate other extensions/apps. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: proxy
This extension has the proxy permission. Can control proxy settings. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: tabs
This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: webNavigation
This extension has the webNavigation permission. Can track your web navigation. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: webRequest
This extension has the webRequest permission. Can intercept and modify web requests. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: webRequestBlocking
This extension has the webRequestBlocking permission. Can block and modify web requests in real-time. This could potentially be used maliciously to compromise security or privacy.
HIGH
Unsafe JavaScript Evaluation
This extension's Content Security Policy allows 'unsafe-eval', which permits dynamic JavaScript code execution using eval() and similar functions. This is a significant security risk as it could allow execution of malicious code.
MEDIUM
Medium-Risk Permission: contextMenus
This extension has the contextMenus permission. Can add items to the context menu.
MEDIUM
Medium-Risk Permission: notifications
This extension has the notifications permission. Can show notifications.
MEDIUM
Medium-Risk Permission: storage
This extension has the storage permission. Can store data locally.
MEDIUM
Medium-Risk Permission: unlimitedStorage
This extension has the unlimitedStorage permission. Can store unlimited data locally.
MEDIUM
Older Manifest Version
This extension uses Manifest Version 2, which has fewer security restrictions than Manifest V3. Consider using extensions that have upgraded to V3.
Security Analysis Details
Required Permissions:
- alarms
- clipboardRead
- clipboardWrite
- contextMenus
- nativeMessaging
- browsingData
- proxy
- webRequest
- webRequestBlocking
- cookies
- tabs
- webNavigation
- storage
- tabCapture
- notifications
- http://*/
- https://*/
- <all_urls>
- unlimitedStorage
- debugger
Content Security Policy:
- script-src 'self' 'unsafe-eval'; object-src 'self'
Embedded URLs (417 total):
| https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js | https://oss.maxcdn.com/respond/1.4.2/respond.min.js | |
| https://wildfire.ai/tour1_1 | https://github.com/mholt/PapaParse | |
| http://www.w3.org/1999/xhtml | http://www.w3.org/2000/svg | |
| http://www.w3.org/1999/xlink | http://www.w3.org/XML/1998/namespace | |
| http://www.w3.org/2000/xmlns/ | https://github.com/iann0036/wildfire | |
| https://addons.mozilla.org/en-GB/firefox/addon/wildfire/ | https://cloud.wildfire.ai/register/ | |
| https://wildfire.ai/examples/ | https://api.wildfire.ai/v1/contact | |
| https://wildfire.ai/tour1_1/ | https://downloads.wildfire.ai/WildfireHelperInstaller.exe | |
| https://downloads.wildfire.ai/WildfireHelper.dmg | https://cloud.wildfire.ai/workflows/ | |
| http://jqueryui.com | http://bugs.jquery.com/ticket/9413 | |
| http://bugs.jquery.com/ticket/8235 | http://medialize.github.com/jQuery-contextMenu/ | |
| http://www.opensource.org/licenses/mit-license | http://opensource.org/licenses/GPL-3.0 | |
| http://css-tricks.com/13224-pseudo-spriting/ | http://code.google.com/p/canvg/ | |
| http://www.phpied.com/rgb-color-parser-in-javascript/ | https://developer.mozilla.org/en-US/docs/Web/API/Element.matches | |
| https://github.com/jquery/sizzle/wiki/Sizzle-Documentation | http://jquery.com/download/ | |
| http://zeptojs.com/# | https://github.com/keeganstreet/specificity/blob/master/specificity.js | |
| http://blog.hackers-cafe.net/2009/06/how-to-calculate-bezier-curves-bounding.html | http://www.w3.org/TR/SVG/coords.html#PreserveAspectRatioAttribute | |
| http://www.w3.org/TR/SVG11/paths.html#PathDataBNF | http://www.w3.org/TR/SVG11/implnote.html#ArcImplementationNotes | |
| http://www.w3.org/TR/SVG/struct.html#UseElement | http://www.w3.org/TR/SVG/filters.html#feColorMatrixElement | |
| https://github.com/jquery/jquery-ui/blob/master/ui/jquery.ui.widget.js#L16-24 | http://www.whatwg.org/specs/web-apps/current-work/multipage/interactive-elements.html#context-menus | |
| http://bugs.jquery.com/ticket/10705 | http://www.whatwg.org/specs/web-apps/current-work/multipage/editing.html#assigned-access-key | |
| http://www.quirksmode.org/dom/events/contextmenu.html | http://www.whatwg.org/specs/web-apps/current-work/multipage/commands.html#concept-command | |
| http://www.whatwg.org/specs/web-apps/current-work/multipage/interactive-elements.html#the-menu-element | http://www.whatwg.org/specs/web-apps/current-work/multipage/commands.html#using-the-a-element-to-define-a-command | |
| http://www.whatwg.org/specs/web-apps/current-work/multipage/commands.html#using-the-button-element-to-define-a-command | http://www.whatwg.org/specs/web-apps/current-work/multipage/commands.html#using-the-command-element-to-define-a-command | |
| http://jeremyckahn.github.io/shifty | http://www.JSON.org/js.html | |
| http://javascript.crockford.com/jsmin.html | http://www.quasimondo.com/StackBlurForCanvas | |
| https://flattr.com/thing/72791/StackBlur-a-fast-almost-Gaussian-Blur-Effect-for-CanvasJavascript | https://github.com/padolsey/jQuery.fn.autoResize | |
| http://sam.zoy.org/wtfpl/COPYING | http://raphaeljs.com | |
| http://sencha.com | http://raphaeljs.com/license.html | |
| http://dmitry.baranovskiy.com/ | http://www.opensource.org/licenses/mit-license.php | |
| http://www.apache.org/licenses/LICENSE-2.0 | http://raphaeljs.com/ | |
| http://www.w3.org/TR/SVG11/feature#BasicStructure | http://dean.edwards.name/weblog/2009/10/convert-any-colour-value-to-hex-in-msie/ | |
| http://schepers.cc/getting-to-the-point | http://www.w3.org/TR/SVG/paths.html#PathData | |
| http://en.wikipedia.org/wiki/Catmull | http://raphaeljs.com/icons/ | |
| http://raphaeljs.com/easing.html | http://wiki.github.com/sorccu/cufon/about | |
| http://webreflection.blogspot.com/2009/11/195-chars-to-help-lazy-loading.html | https://github.com/DmitryBaranovskiy/raphael/issues/693 | |
| http://www.w3.org/TR/SVG/ | http://en.wikipedia.org/wiki/HSL_and_HSV | |
| http://www.medikoo.com/ | http://msdn.microsoft.com/en-us/library/ms531194%28VS.85%29.aspx | |
| http://ejohn.org/ | http://lavrton.github.io/KineticJS/ | |
| https://github.com/lavrton/KineticJS/wiki/License | http://flesler.blogspot.com |
Page 1 of 6
Raw Manifest
{ "name": "Wildfire", "icons": { "16": "icon-16.png", "32": "icon-32.png", "48": "icon-48.png", "128": "icon-128.png" }, "author": "wildfire.ai", "version": "1.3.10", "commands": { "play-workflow-1": { "description": "Play Favorited Workflow #1", "suggested_key": { "mac": "MacCtrl+Shift+1", "default": "Ctrl+Shift+1" } }, "play-workflow-2": { "description": "Play Favorited Workflow #2", "suggested_key": { "mac": "MacCtrl+Shift+2", "default": "Ctrl+Shift+2" } }, "play-workflow-3": { "description": "Play Favorited Workflow #3" }, "stop-simulation": { "global": true, "description": "Stop Simulation", "suggested_key": { "default": "Ctrl+Shift+0" } }, "run-current-workflow": { "description": "Play Current Workflow", "suggested_key": { "mac": "MacCtrl+Shift+9", "default": "Ctrl+Shift+9" } } }, "background": { "scripts": [ "tesseract/tesseract.js", "jquery-2.2.4.min.js", "main.js", "aes.js", "exprparse.js", "fuzzyset/fuzzyset.js" ] }, "short_name": "Wildfire", "update_url": "https://clients2.google.com/service/update2/crx", "description": "Record browser actions then replay immediately. Craft your own custom automation workflows.", "permissions": [ "alarms", "clipboardRead", "clipboardWrite", "contextMenus", "nativeMessaging", "browsingData", "proxy", "webRequest", "webRequestBlocking", "cookies", "tabs", "webNavigation", "storage", "tabCapture", "notifications", "http://*/", "https://*/", "<all_urls>", "unlimitedStorage", "debugger" ], "applications": { "gecko": { "id": "support@wildfire.ai", "strict_min_version": "48.0" } }, "browser_action": { "default_icon": { "16": "icon-16.png", "32": "icon-32.png" }, "browser_style": false, "default_popup": "popup.html" }, "content_scripts": [ { "js": [ "jquery-2.2.4.min.js", "content.js" ], "matches": [ "http://*/*", "https://*/*" ], "all_frames": true, "match_about_blank": true } ], "offline_enabled": true, "manifest_version": 2, "minimum_opera_version": "33.0", "externally_connectable": { "matches": [ "https://wildfire.ai/*", "https://www.wildfire.ai/*", "https://api.wildfire.ai/*", "https://cloud.wildfire.ai/*" ] }, "content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'", "web_accessible_resources": [ "embedded.js" ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
Loading Secure Annex data...
Unable to load Secure Annex data.
This extension may not yet be analyzed by Secure Annex.
Detections
0Critical
0
High
0
Medium
0
Low
0
Has Verdicts
Yes
Manifest Findings
0Critical
0
High
0
Medium
0
Low
0
Secure Annex analyzed version: -