Starting analysis...
Extension Details
Rating:
4.4 ★
(366 ratings)
Size:
534KiB
Last Updated:
November 9, 2024
Users:
100,000
Context-Aware Verdict
This section provides a Claude-based AI analysis that applies additional context to the risk. Results are not guaranteed to be accurate.
LOW
Risk Level
Trust Factors:
- The extension has a high number of users (100,000), indicating widespread adoption and trust.
- It has a good rating of 4.4 out of 5 from 366 reviews, suggesting user satisfaction.
- The extension has been regularly updated, with the latest version released on November 9, 2024, demonstrating active maintenance and support.
Concerns:
- The "contextMenus" permission allows the extension to add items to the context menu, which could potentially be used for malicious purposes, although this is a common permission for productivity extensions.
- The "storage" permission allows the extension to store data locally, which could potentially be misused to store sensitive information.
Recommendations:
- Given the extension's popularity, good rating, and active maintenance, the overall risk appears to be low.
- However, as a precaution, users should exercise caution when granting permissions to any extension and only install extensions from trusted sources.
- Users can periodically review the extension's permissions and revoke any unnecessary ones to minimize potential risks.
- If desired, users can run the extension in a separate Chrome profile or incognito mode for added security.
Security Analysis
This section provides a detailed analysis of the extension's security posture, without broader context. Assumes worst-case impact.
MEDIUM
Overall Risk
Based on 2 total findings, ranked without considering overall context, including 0 high-risk and 2 medium-risk findings.
MEDIUM
Medium-Risk Permission: contextMenus
This extension has the contextMenus permission. Can add items to the context menu.
MEDIUM
Medium-Risk Permission: storage
This extension has the storage permission. Can store data locally.
Security Analysis Details
Required Permissions:
- contextMenus
- storage
Embedded URLs (354 total):
| https://clients2.google.com/service/update2/crx | https://markdown-here.com | |
| https://adampritchard.mit-license.org/ | https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json/background | |
| https://github.com/adam-p/markdown-here/issues/119 | https://code.google.com/p/chromium/issues/detail?id=168263 | |
| https://developer.mozilla.org/en-US/docs/DOM/element.addEventListener#Multiple_identical_event_listeners | https://github.com/adam-p/markdown-here/issues | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=740813 | http://www.apache.org/licenses/LICENSE-2.0 | |
| https://code.google.com/archive/p/google-trekker/ | https://en.wikipedia.org/wiki/HTML_element | |
| https://github.com/adam-p/markdown-here/issues/85 | https://github.com/adam-p/markdown-here/issues/173 | |
| https://github.com/adam-p/markdown-here/issues/435 | http://jsbin.io | |
| https://github.com/adam-p/markdown-here/issues/31 | https://stackoverflow.com/a/3333679/729729 | |
| https://github.com/adam-p/markdown-here/issues/427 | https://developer.mozilla.org/en-US/docs/Web/CSS/:scope#Browser_compatibility | |
| https://github.com/adam-p/markdown-here/issues/297 | https://stackoverflow.com/a/1483487/729729 | |
| https://en.wikipedia.org/wiki/Zero-width_space | https://github.com/chjj/marked | |
| https://github.com/chjj/marked. | https://stackoverflow.com/questions/31952381/end-of-string-regex-match-too-slow | |
| https://blog.stevenlevithan.com/archives/mimic-lookbehind-javascript | https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/String/replace#Specifying_a_string_as_a_parameter | |
| https://latex.codecogs.com/png.image? | https://code.google.com/chrome/extensions/dev/storage.html | |
| https://rosettacode.org/wiki/String_length#JavaScript | https://developer.mozilla.org/en-US/docs/Web/API/Element.insertAdjacentHTML | |
| https://github.com/adam-p/markdown-here/issues/179 | https://bugzilla.mozilla.org/show_bug.cgi?id=665279 | |
| https://stackoverflow.com/a/3819589/729729 | https://stackoverflow.com/a/5499821/729729 | |
| https://developer.mozilla.org/en-US/docs/Web/API/WindowTimers/setTimeout#Inactive_tabs | https://developer.mozilla.org/en-US/docs/Code_snippets/Miscellaneous#Using_string_bundles_from_JavaScript | |
| https://developer.mozilla.org/en-US/docs/Using_nsISimpleEnumerator | https://stackoverflow.com/a/55466325 | |
| https://developer.mozilla.org/en-US/docs/Web/JavaScript/Base64_encoding_and_decoding | http://www.w3.org/1999/xhtml | |
| https://github.com/adam-p/markdown-here/issues/261 | https://github.com/adam-p/markdown-here/wiki/Tips-and-Tricks#tex | |
| https://github.com/adam-p/markdown-here/issues/874 | https://github.com/adam-p/markdown-here/issues/722 | |
| https://github.com/amacfie | https://github.com/AlexWayfer | |
| https://github.com/adam-p/markdown-here/issues/865 | https://github.com/adam-p/markdown-here/issues/524 | |
| https://github.com/adam-p/markdown-here/issues/526 | https://github.com/KSR-Yasuda | |
| https://github.com/ensleep | https://github.com/pmanu93 | |
| https://github.com/stombi | https://github.com/littdky | |
| https://github.com/lashkevi | https://github.com/morsedl | |
| https://github.com/adam-p/markdown-here/issues/495 | https://github.com/dugite-code | |
| https://github.com/adam-p/markdown-here/pull/518 | https://github.com/marespiaut | |
| https://github.com/tehmul | https://github.com/PackElend | |
| https://github.com/qolii | https://github.com/StuntsPT | |
| https://github.com/evazquez00 | https://github.com/lincoln-b | |
| https://github.com/nedchu | https://github.com/adam-p/markdown-here/issues/369 | |
| https://github.com/samestep | https://github.com/r2evans | |
| https://github.com/happyconfident | https://github.com/juaalta | |
| https://github.com/haililihai | https://github.com/shiliang-hust | |
| https://github.com/jjroper | https://github.com/l0o0 | |
| https://www.angerson.org/ | http://rgd2.co/ |
Page 1 of 5
Raw Manifest
{ "name": "__MSG_app_name__", "icons": { "16": "common/images/icon16.png", "32": "common/images/icon32.png", "48": "common/images/icon48.png", "128": "common/images/icon128.png", "512": "common/images/icon512.png" }, "action": { "default_icon": { "16": "common/images/icon16-button-monochrome.png", "19": "common/images/icon19-button-monochrome.png", "32": "common/images/icon32-button-monochrome.png", "38": "common/images/icon38-button-monochrome.png", "64": "common/images/icon64-button-monochrome.png" }, "browser_style": true, "default_title": "__MSG_toggle_button_tooltip__" }, "version": "2.14.2", "background": { "page": "chrome/background.html#background-page", "service_worker": "chrome/backgroundscript.js" }, "options_ui": { "page": "common/options.html", "open_in_tab": true }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_app_slogan__", "permissions": [ "contextMenus", "storage" ], "homepage_url": "https://markdown-here.com", "default_locale": "en", "content_scripts": [ { "js": [ "common/utils.js", "common/common-logic.js", "common/jsHtmlToText.js", "common/marked.js", "common/mdh-html-to-text.js", "common/markdown-here.js", "chrome/contentscript.js" ], "matches": [ "http://*/*", "https://*/*" ] } ], "manifest_version": 3 }
Secure Annex (beta)
Coming soon...