Vertical SidePanel Tab Group Manager
Version 1.1.7 View in Chrome Web Store
Extension Details
Context-Aware Verdict
The extension has a solid 4.7-star rating from 32 reviews and serves 3,000 users, indicating reasonable user satisfaction. The name clearly describes its purpose as a tab group manager with vertical side panel functionality. However, the lack of visible developer information reduces transparency and accountability.
The extension requests extensive permissions that appear excessive for a tab management tool. The combination of tabs, bookmarks, scripting, and broad host permissions (http://*/*, https://*/*) creates significant privacy and security risks. The ability to access all websites through host permissions is particularly concerning, as this could enable data harvesting or tracking across all browsing activity. The bookmarks permission seems unnecessary for basic tab grouping functionality. The sessions permission adds another layer of access to browsing history and session data.
Consider running this extension in a separate Chrome profile to isolate potential risks from your main browsing environment. Before installation, carefully evaluate whether the tab management benefits justify the extensive permissions requested. Monitor the extension's behavior after installation and revoke permissions if possible through Chrome's extension settings. Consider alternative tab managers with more limited permission requests. Given the broad access capabilities, avoid using this extension while accessing sensitive websites like banking or work-related platforms.
Findings
Security Analysis Details
Required Permissions:
- tabs
- tabGroups
- favicon
- storage
- sidePanel
- scripting
- sessions
- bookmarks
Host Permissions:
- http://*/*
- https://*/*
Embedded URLs (13 total):
| https://chromewebstore.google.com/detail/tab-groups-extension/nplimhmoanghlebhdiboeellhgmgommi?hl=zh-CN&utm_source=ext_sidebar | https://chromewebstore.google.com/detail/the-marvellous-suspender/noogafoofpebimajpfpamcfhoaifemoa | |
| https://chromewebstore.google.com/detail/vertical-tabs-in-side-pan/akahnknmcbmgodngfjcflnaljdbhnlfo?hl=zh-CN&utm_source=ext_sidebar | https://chromewebstore.google.com/detail/clut-cycle-last-used-tabs/cobieddmkhhnbeldhncnfcgcaccmehgn?hl=zh-CN | |
| https://chromewebstore.google.com/detail/tab-retitle/hilgambgdpjgljhjdaccadahckpdiapo?hl=zh-CN | https://clients2.google.com/service/update2/crx | |
| https://chromewebstore.google.com/detail/glnmihflmbdhnlhffgddigibanmhgnmn | http://www.w3.org/2000/svg | |
| http://fusejs.io | http://kiro.me | |
| http://www.apache.org/licenses/LICENSE-2.0 | https://github.com/Simonwep/pickr | |
| http://www.inkscape.org/ |
Raw Manifest
{ "name": "__MSG_extName__", "icons": { "128": "icon/icon-128.png" }, "action": { "default_title": "__MSG_actionTitle__" }, "author": "songxiaoxi", "version": "1.1.7", "commands": { "_execute_action": { "suggested_key": { "mac": "Alt+E", "default": "Alt+E", "windows": "Alt+E" } } }, "background": { "service_worker": "sw.js" }, "short_name": "__MSG_extShortName__", "side_panel": { "default_path": "sidepanel.html" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_extDescription__", "permissions": [ "tabs", "tabGroups", "favicon", "storage", "sidePanel", "scripting", "sessions", "bookmarks" ], "default_locale": "en", "offline_enabled": true, "host_permissions": [ "http://*/*", "https://*/*" ], "manifest_version": 3, "minimum_chrome_version": "114" }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.