Tab Shelf - Side panel vertical tabs
Version 2025.2.3 View in Chrome Web Store
Last scanned: 15 days ago
| force re-scan
Extension Details
Developer:
tabshelf.com
Rating:
4.4 ★
(53 ratings)
Users:
6,000
Context-Aware Verdict
This section provides a Claude-based AI analysis that applies additional context to the risk. Results are not guaranteed to be accurate.
MEDIUM
Risk Level
Trust Factors:
- The extension has a decent number of users (6,000) and a relatively good rating (4.4/5), which suggests some level of trust from the user community.
- The developer's website (tabshelf.com) appears to be a legitimate company focused on browser extensions and productivity tools.
Concerns:
- The extension requests several potentially high-risk permissions, including tabs, bookmarks, and storage, which could be exploited for malicious purposes if the extension is compromised.
- The broad tabs permission allows the extension to access and manipulate browser tabs, which could potentially lead to privacy or security issues.
- The bookmarks permission allows the extension to access and modify bookmarks, which could be a privacy concern if misused.
Recommendations:
- Exercise caution when installing this extension, as it requests several high-risk permissions that could potentially be exploited.
- Consider running the extension in a separate browser profile or a sandboxed environment to mitigate potential risks.
- Regularly check for updates and reviews from other users to monitor for any reported issues or concerns.
- If you don't need the bookmark management functionality, consider disabling the bookmarks permission or using an alternative extension without this permission.
- Enable two-factor authentication and use a strong, unique password for your Google account to enhance overall security.
Security Analysis
This section provides a detailed analysis of the extension's security posture, without broader context. Assumes worst-case impact.
HIGH
Overall Risk
Based on 3 total findings, ranked without considering overall context, including 2 high-risk and 1 medium-risk findings.
HIGH
High-Risk Permission: bookmarks
This extension has the bookmarks permission. Can access and modify bookmarks. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: tabs
This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.
MEDIUM
Medium-Risk Permission: storage
This extension has the storage permission. Can store data locally.
Security Analysis Details
Required Permissions:
- storage
- tabs
- tabGroups
- sidePanel
- favicon
- commands
- bookmarks
Embedded URLs (480 total):
| https://clients2.google.com/service/update2/crx | https://forms.gle/EjfCKcDcDZzYRkuC6 | |
| https://groups.google.com/a/chromium.org/g/chromium-extensions/c/2RO1vp-8lqE/m/bJJOn7-OAAAJ | https://tabshelf.com/privacy-policy | |
| https://tabshelf.com/ | https://clarencesiew.com/ | |
| https://github.com/uuidjs/uuid#getrandomvalues-not-supported | https://react.dev/errors/ | |
| http://www.w3.org/2000/svg | http://www.w3.org/1998/Math/MathML | |
| http://www.w3.org/1999/xlink | http://www.w3.org/XML/1998/namespace | |
| https://d2kfnvwohu0503.cloudfront.net/img/favicon.png?v=3a43e0f358075f9c79f8e1c10d6e737a | https://www.instapaper.com/u | |
| https://boredreading.com/img/favicon/32.png | https://boredreading.com/reading-list/ | |
| https://open.spotifycdn.com/cdn/images/favicon.0f31d2ea.ico | https://open.spotify.com/playlist/3hMSpGLusHXt4IMrKFWwnL | |
| https://cdn.atp.fm/favicon | https://atp.fm/550 | |
| https://static.cdninstagram.com/rsrc.php/v3/yV/r/_8T3PbCSTRI.png | https://www.threads.net/ | |
| https://ooh.directory/static/oohdir/favicons/favicon.ico | https://ooh.directory/ | |
| https://everythingchanges.us/favicon.ico | https://everythingchanges.us/blog/ | |
| https://lobste.rs/favicon.ico | https://lobste.rs/ | |
| https://lobste.rs/s/xwa20j/obsidian_releases_version_1_4_for | https://lobste.rs/s/v71bnp/technical_merits_wayland_are_mostly | |
| https://lobste.rs/s/j8li8k/which_self_hosted_applications_do_you_run | https://www.mux.com/icon.svg | |
| https://www.mux.com/blog/what-are-react-server-components | https://lobste.rs/s/m7eacj/my_source_code_root_folder_name | |
| https://news.ycombinator.com/favicon.ico | https://news.ycombinator.com/news?p=2 | |
| https://news.ycombinator.com/item?id=37350520 | https://news.ycombinator.com/item?id=37349633 | |
| https://news.ycombinator.com/item?id=37345727 | https://news.ycombinator.com/item?id=37344096 | |
| https://news.ycombinator.com/item?id=37335945 | https://news.ycombinator.com/item?id=37331778 | |
| https://news.ycombinator.com/item?id=37333195 | https://news.ycombinator.com/item?id=37304370 | |
| https://www.redditstatic.com/desktop2x/img/favicon/favicon-32x32.png | https://www.reddit.com/ | |
| https://www.reddit.com/r/AskMen/comments/1623gw8/what_are_the_worst_things_that_too_many_men_still/ | https://www.reddit.com/r/oddlysatisfying/comments/162hdkp/the_sound_of_this_ceramic_keyboard/ | |
| https://www.reddit.com/r/geopolitics/comments/162cf6x/australia_is_becoming_americas_military_launchpad/ | https://static.guim.co.uk/images/favicon-32x32.ico | |
| https://www.theguardian.com/au | https://www.theguardian.com/australia-news/australia-datablog/2023/sep/02/up-to-136000-houses-are-empty-in-australia-find-out-where-they-are | |
| https://www.theguardian.com/australia-news/2023/sep/01/life-has-gotten-tougher-and-politics-noisier-can-australians-still-find-the-mindfulness-to-listen | https://www.theguardian.com/lifeandstyle/2023/aug/27/i-find-socialising-tiring-but-worry-i-am-missing-out-ask-philippa-perry | |
| https://www.theguardian.com/lifeandstyle/2023/aug/27/me-her-us-yen-rong-wong-read-book-extract | https://www.theguardian.com/food/2023/aug/26/turn-leftover-roast-chicken-or-vegetables-into-pad-thai-recipe-zero-waste-cooking | |
| https://www.theguardian.com/books/2023/aug/26/sebastian-faulks-the-last-remaining-human-species-neednt-have-been-so-violent-and-clever-as-we-are | https://www.abc.net.au/news-web/assets/favicon.svg | |
| https://www.abc.net.au/news | https://www.abc.net.au/news/2023-08-29/cash-stuffing-viral-saving-trend-cost-of-living-730/102599352 | |
| https://www.abc.net.au/news/2023-08-29/temu-may-save-china-status-as-world-factory-amid-deflation/102724900 | https://elk.zone/favicon.ico | |
| https://elk.zone/home/ | https://www.notion.so/images/favicon.ico | |
| https://www.notion.so/csiew/8a63c84870614b12ac6b33ef07e8aafd?v=f4bc9f62554447fc8bb6c7beac2abbb5 | https://developer.chrome.com/images/meta/favicon-32x32.png | |
| https://developer.chrome.com/docs/extensions/reference/ | https://developer.chrome.com/docs/extensions/reference/tabs/#method-getSelected | |
| https://developer.chrome.com/docs/extensions/reference/windows/#method-get | https://developer.chrome.com/docs/extensions/reference/windows/#type-QueryOptions | |
| https://feross.org/opensource | https://feross.org | |
| https://mail.google.com/mail/u/0/#inbox | https://outlook.live.com/mail/inbox | |
| https://mail.protonmail.com/inbox | https://www.messenger.com/ | |
| https://web.telegram.org/ | https://web.whatsapp.com/ | |
| https://discord.com/ | https://web.skype.com/ |
Page 1 of 6
Raw Manifest
{ "name": "Tab Shelf - Side panel vertical tabs", "icons": { "16": "icons/stable/icon16.png", "32": "icons/stable/icon32.png", "48": "icons/stable/icon48.png", "128": "icons/stable/icon128.png" }, "action": { "default_title": "Click to open Tab Shelf" }, "author": "Clarence Siew", "version": "2025.2.3", "commands": { "_execute_action": { "suggested_key": { "mac": "Command+Shift+O", "default": "Ctrl+Shift+O" } }, "move_current_tab": { "description": "Select where to move the current active tab", "suggested_key": { "mac": "Alt+M", "default": "Alt+M" } }, "trigger_edit_mode": { "description": "Select tabs in the tab list", "suggested_key": { "mac": "Command+Shift+Space", "default": "Ctrl+Shift+Space" } } }, "background": { "type": "module", "service_worker": "service-worker.js" }, "side_panel": { "default_path": "index.html" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "Vertical tab management from your side panel with support for tab groups, multiple windows, and much more.", "permissions": [ "storage", "tabs", "tabGroups", "sidePanel", "favicon", "commands", "bookmarks" ], "manifest_version": 3, "web_accessible_resources": [ { "matches": [ "<all_urls>" ], "resources": [ "_favicon/*" ], "extension_ids": [ "*" ] } ] }
Secure Annex (beta)
Coming soon...