Tab Suspender – Free Up RAM & Boost Browser Speed
Version 1.6 View in Chrome Web Store
Extension Details
Context-Aware Verdict
The extension has a decent user base of 7,000 users and maintains a high rating of 4.7 stars from 100 reviews, which suggests users find it functional. However, the lack of developer information and company details raises transparency concerns. The extension's stated purpose of freeing up RAM by suspending tabs is legitimate and commonly needed.
The extension exhibits several red flags that justify the critical risk rating. The combination of tabs, identity, and scripting permissions with broad content script injection across all URLs creates a dangerous attack surface. The identity permission is particularly concerning for a tab management tool, as it's unnecessary for the core functionality. The Google Sheets API access suggests data collection or synchronization capabilities that aren't clearly explained in the basic description. The broad host permissions combined with content script injection means this extension can read, modify, and potentially exfiltrate data from every website you visit.
Given the critical risk level, avoid installing this extension on your primary browser profile. If you must use it, create a dedicated Chrome profile with minimal sensitive browsing activity. Consider alternative tab suspension extensions with more limited permissions. Before installation, research the developer's reputation and read detailed user reviews focusing on privacy concerns. Monitor your browser's network activity if you proceed with installation to detect any unexpected data transmission.
Findings
Security Analysis Details
Required Permissions:
- tabs
- storage
- identity
- scripting
- activeTab
Host Permissions:
- https://sheets.googleapis.com/v4/spreadsheets/*
Embedded URLs (9 total):
| http://www.apache.org/licenses/LICENSE-2.0 | https://github.com/getsentry/sentry-javascript | |
| https://www.nextgrowthlabs.com/?& | https://sheets.googleapis.com/v4/spreadsheets/ | |
| https://sheets.googleapis.com/v4/spreadsheets?key= | https://clients2.google.com/service/update2/crx | |
| https://www.googleapis.com/auth/spreadsheets | https://github.com/facebook/regenerator/blob/main/LICENSE | |
| http://www.w3.org/2000/svg |
Raw Manifest
{ "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIY2Pa0bjJANKRYICng81K/bXJXnHkv+9SUXfRJCE4mUW5nLBAGS9Sk6HgOlR3ijah80vVqps/0EKdI+L0JfcnBtEEfrs+a2G92TlLfh7kPwJ/vqdVXWH6bLzUEAbJQh36zoBa0iNBjW3XrbC6rwMFptk20Pvj6NTpCefVpIVhx1g2B3ZGQcVXzsoFoQJeS4VuEhnpWvZR56D1UF3ySLS1pRA9Awr8V1ka/sXtZIuUMJmF17/WwuyShuBbQODJX7ggK8iVBwlm359cHw0IKN40YgniBIFwlIMjkRxNSv8EWydFtykxF4rBxUZtdMdZOCMR9gMZ5yH5P0leseZor8dQIDAQAB", "name": "__MSG_extName__", "icons": { "16": "icons/icon16.png", "32": "icons/icon32.png", "48": "icons/icon48.png", "128": "icons/icon128.png" }, "action": { "default_popup": "popup/popup.html", "default_title": "Tab_suspender" }, "oauth2": { "scopes": [ "https://www.googleapis.com/auth/spreadsheets" ], "client_id": "179232417308-pqbequbvcogi82tnu39rcqnfgsa41j30.apps.googleusercontent.com" }, "version": "1.6", "commands": { "_execute_action": { "description": "Open Pop Up", "suggested_key": { "mac": "Command+Shift+E", "default": "Ctrl+Shift+E" } } }, "background": { "service_worker": "background.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_extDesc__", "permissions": [ "tabs", "storage", "identity", "scripting", "activeTab" ], "default_locale": "en", "content_scripts": [ { "js": [ "content.js" ], "run_at": "document_idle", "matches": [ "<all_urls>" ] } ], "host_permissions": [ "https://sheets.googleapis.com/v4/spreadsheets/*" ], "manifest_version": 3, "web_accessible_resources": [ { "matches": [ "<all_urls>" ], "resources": [ "suspend.html", "suspend.js" ], "extension_ids": [] } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.