Extension Details
Developer:
devapt.com
Rating:
4.2 ★
(60 ratings)
Size:
66.36KiB
Last Updated:
November 25, 2024
Users:
40,000
Context-Aware Verdict
This section provides a Claude-based AI analysis that applies additional context to the risk. Results are not guaranteed to be accurate.
HIGH
Risk Level
Trust Factors:
- The extension has a relatively high number of users (40,000), which could indicate some level of trust.
- The developer's website (devapt.com) appears to be a legitimate domain, but there is limited information available about the company's reputation.
Concerns:
- The extension requests the "storage" permission, which allows it to store data locally. While this permission is not inherently malicious, it could potentially be used to store sensitive information without the user's knowledge.
- The extension injects content scripts into all websites (<all_urls>). This broad permission could potentially allow the extension to read sensitive data, modify website content, or steal credentials from any website the user visits.
Recommendations:
- Exercise caution when using this extension, as it has the capability to access and potentially misuse sensitive information.
- Consider running the extension in a separate Chrome profile or incognito mode to isolate its activities from your main browsing session.
- Regularly review the extension's permissions and behavior, and uninstall it if you notice any suspicious activities.
- Look for alternative extensions with similar functionality but more transparent and trustworthy developers, or consider using built-in browser features instead of third-party extensions when possible.
Security Analysis
This section provides a detailed analysis of the extension's security posture, without broader context. Assumes worst-case impact.
MEDIUM
Overall Risk
Based on 2 total findings, ranked without considering overall context, including 1 high-risk and 1 medium-risk findings.
HIGH
Broad Content Script Injection
This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.
MEDIUM
Medium-Risk Permission: storage
This extension has the storage permission. Can store data locally.
Security Analysis Details
Required Permissions:
- storage
Embedded URLs (22 total):
| https://tailwindcss.com | https://github.com/mozdevs/cssremedy/issues/4 | |
| https://github.com/tailwindcss/tailwindcss/pull/116 | https://bugzilla.mozilla.org/show_bug.cgi?id=190655 | |
| https://bugs.chromium.org/p/chromium/issues/detail?id=999088 | https://bugs.webkit.org/show_bug.cgi?id=201297 | |
| https://bugs.chromium.org/p/chromium/issues/detail?id=935729 | https://bugs.webkit.org/show_bug.cgi?id=195016 | |
| https://github.com/mozilla/gecko-dev/blob/2f9eacd9d3d995c937b4251a5557d95d494c9be1/layout/style/res/forms.css#L728-L737 | https://github.com/tailwindlabs/tailwindcss/issues/3300 | |
| https://github.com/mozdevs/cssremedy/issues/14 | https://github.com/jensimmons/cssremedy/issues/14#issuecomment-634934210 | |
| https://reactjs.org/docs/error-decoder.html?invariant= | http://www.w3.org/1999/xlink | |
| http://www.w3.org/XML/1998/namespace | http://www.w3.org/2000/svg | |
| http://www.w3.org/1998/Math/MathML | http://www.w3.org/1999/xhtml | |
| https://chrome.google.com/webstore/detail/copy-text-easily/fagmaopcbeobbfhkeodicjekiniefdlo | https://www.buymeacoffee.com/basharath | |
| https://fonts.googleapis.com/css2?family=Roboto&display=swap | https://clients2.google.com/service/update2/crx |
Raw Manifest
{ "name": "Copy Text Easily", "icons": { "16": "images/enabled.png", "48": "images/enabled.png", "128": "images/enabled.png" }, "action": { "default_icon": "images/enabled.png", "default_popup": "popup.html", "default_title": "React Boilerplate" }, "version": "1.1.0", "background": { "service_worker": "background.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "A simple and hassle free way to copy text, paragraphs, sentences and custom selections in browser.", "permissions": [ "storage" ], "content_scripts": [ { "js": [ "contentScript.js" ], "css": [ "style.css" ], "run_at": "document_start", "matches": [ "<all_urls>" ] } ], "manifest_version": 3 }
Secure Annex (beta)
Coming soon...