[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

SWATHub Recorder

Version 1.1.0 View in Chrome Web Store

Last scanned: about 6 hours ago

Extension Details

Rating: 4.3 ★

Users: 2

Context-Aware Verdict

CRITICAL

Overall Risk

Trust Factors:

The extension has extremely limited trust indicators with only 2 users and no visible developer information or company reputation. The lack of transparency about the developer, combined with minimal adoption, raises significant red flags. The 4.3 rating appears questionable given the tiny user base.

Concerns:

The extension exhibits multiple high-risk characteristics that are disproportionate to what a typical "recorder" would need. The combination of broad host permissions across all URLs, content script injection capabilities on every website, and web navigation tracking creates an extensive attack surface. The native messaging permission allows communication with local applications, which could enable data exfiltration or system compromise. For a recording tool, these permissions seem excessive and unnecessary.

The webNavigation permission enables comprehensive browsing surveillance, while the broad content script injection could facilitate credential theft, session hijacking, or malicious code execution on any website you visit. The <all_urls> host permissions essentially give this extension unrestricted access to your entire web browsing experience.

Recommendations:

Do not install this extension. If you absolutely must use it for legitimate purposes, create a completely isolated Chrome profile with no saved passwords, personal data, or access to sensitive websites. Consider using established, well-reviewed screen recording alternatives instead. The risk-to-benefit ratio is extremely unfavorable given the minimal user base and excessive permissions.

Findings

HIGH

Broad Content Script Injection

This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

HIGH

High-Risk Permission: webNavigation

This extension has the webNavigation permission. Can track your web navigation. This could potentially be used maliciously to compromise security or privacy.

MEDIUM

Medium-Risk Permission: activeTab

This extension has the activeTab permission. Can access the active tab when clicking the extension icon.

Raw Manifest

{
  "name": "SWATHub Recorder",
  "icons": {
    "128": "icon.79ed7058.png"
  },
  "version": "1.1.0",
  "background": {
    "service_worker": "background.cd6c77da.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "Browser extension for SWATHub Recorder",
  "permissions": [
    "activeTab",
    "webNavigation",
    "nativeMessaging"
  ],
  "content_scripts": [
    {
      "js": [
        "content-script.eb076fe9.js"
      ],
      "css": [],
      "matches": [
        "<all_urls>"
      ],
      "all_frames": true,
      "match_about_blank": false
    }
  ],
  "host_permissions": [
    "<all_urls>"
  ],
  "manifest_version": 3,
  "externally_connectable": {
    "ids": [
      "*"
    ]
  },
  "minimum_chrome_version": "88",
  "browser_specific_settings": {
    "gecko": {
      "id": "swathub-recorder@swathub.com",
      "strict_min_version": "109.0"
    }
  }
}

by ✦ Astarte

SWATHub Recorder

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Host Permissions:

Embedded URLs (1 total):

Raw Manifest

Detections

Manifest Findings