Extension Details
Context-Aware Verdict
The extension has a moderate user base of 9,000 users and a solid 4.4-star rating from 34 reviews, suggesting generally positive user experiences. The developer domain "improver.io" appears to be purpose-built for this extension, though limited information is available about the company's reputation or track record.
The extension's risk profile is elevated due to several concerning factors. The tabs permission combined with broad host permissions creates a powerful combination that could be exploited for malicious purposes. While the extension only requests access to LinkedIn and its own domain, the tabs permission allows it to potentially access information from all browser tabs, not just those it has explicit host permissions for. The lack of a detailed description makes it difficult to assess whether these permissions are justified for the extension's intended functionality. The relatively small number of ratings (34) compared to users (9,000) suggests limited user engagement or feedback.
Consider running this extension in a separate Chrome profile to isolate potential risks from your main browsing activities. Before installation, research the specific functionality this extension provides to determine if the requested permissions are necessary. Monitor the extension's behavior closely after installation, particularly its interaction with LinkedIn and other tabs. Consider alternatives with more transparent descriptions and established developer reputations if available for your use case.
Findings
Security Analysis Details
Required Permissions:
- tabs
- storage
Host Permissions:
- *://*.improver.io/*
- *://*.linkedin.com/*
Embedded URLs (6 total):
| https://clients2.google.com/service/update2/crx | https://www.improver.io | |
| https://improver.io/ext/? | https://improver.io/ | |
| https://static.licdn-ei.com/scds/common/u/images/themes/katy/ghosts/person/ghost_person_200x200_v1.png | https://www.linkedin.com/voyager/api/identity/normalizedProfiles/ |
Raw Manifest
{ "name": "improver", "icons": { "16": "images/icons/16.png", "32": "images/icons/32.png", "48": "images/icons/48.png", "64": "images/icons/64.png", "128": "images/icons/128.png" }, "action": { "default_icon": { "19": "images/icons/19.png", "38": "images/icons/38.png" }, "default_title": "improver" }, "version": "5.1", "background": { "service_worker": "js/background.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_app_description__", "permissions": [ "tabs", "storage" ], "default_locale": "en", "content_scripts": [ { "js": [ "/js/functions.js", "/js/template.js", "/js/content.js" ], "css": [ "css/styles.css" ], "run_at": "document_idle", "matches": [ "*://*.linkedin.com/*" ] }, { "js": [ "/js/token.js" ], "matches": [ "*://*.improver.io/*" ] } ], "host_permissions": [ "*://*.improver.io/*", "*://*.linkedin.com/*" ], "manifest_version": 3 }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.