Extension Details
Context-Aware Verdict
The extension has a solid 4.7-star rating from 33 reviews and is developed by Moonstop Software Ltd, which suggests some level of legitimacy. However, with only 2,000 users, it has a relatively small user base that limits community vetting. The lack of a clear description makes it difficult to assess the extension's intended purpose and whether its permissions are justified.
The primary concern is the broad host permissions for Wikipedia domains combined with declarativeNetRequestWithHostAccess, which allows the extension to modify network requests and access content across all Wikipedia pages. Without knowing the extension's specific function, these permissions appear potentially excessive. The storage permission allows data collection and retention, while activeTab provides access to whatever page you're viewing when the extension is activated. The missing description is particularly concerning as it prevents users from understanding what they're installing.
Given the medium risk level and unclear purpose, consider running this extension in a separate Chrome profile to isolate it from your main browsing activities. Before installation, try to research the extension's actual functionality through user reviews or the developer's website. Monitor your Wikipedia browsing for any unusual behavior. If the extension's purpose doesn't clearly justify Wikipedia access and network request modification, consider finding an alternative with more transparent functionality and narrower permissions.
Findings
Security Analysis Details
Required Permissions:
- storage
- scripting
- activeTab
- declarativeNetRequestWithHostAccess
Optional Permissions:
- bookmarks
Host Permissions:
- https://*.wikipedia.org/*
Embedded URLs (20 total):
| https://clients2.google.com/service/update2/crx | http://127.0.0.1/ | |
| http://127.0.0.1: | https://hoverflow.io/ | |
| https://hoverflow.io/upgrade | https://web.dev/sandboxed-iframes | |
| https://twitter.com/hoverflowio | https://www.twitch.tv | |
| https://www.youtube.com | http://www.w3.org/2000/svg | |
| https://fontawesome.com | https://fontawesome.com/license/free | |
| https://fontawesome.com/license | https://forms.gle/QJgxoSU4VaN8m7Pr6 | |
| https://hoverflow.io/welcome | https://hoverflow.io/update | |
| https://activate-mbo72rwysq-ew.a.run.app | https://verify-mbo72rwysq-ew.a.run.app | |
| https://hoverflow.io | https://billing.stripe.com/p/login/7sIbLU5G1aPjbuw144 |
Raw Manifest
{ "name": "__MSG_appName__", "icons": { "16": "/icons/16.png", "32": "/icons/32.png", "48": "/icons/48.png", "128": "/icons/128.png" }, "action": { "default_icon": { "16": "/icons/grey/16.png", "32": "/icons/grey/32.png", "48": "/icons/grey/48.png", "128": "/icons/grey/128.png" }, "default_title": "__MSG_actionTitle__" }, "version": "1.2.5", "background": { "service_worker": "src/serviceWorker.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_appDesc__", "permissions": [ "storage", "scripting", "activeTab", "declarativeNetRequestWithHostAccess" ], "options_page": "settings.html", "default_locale": "en", "host_permissions": [ "https://*.wikipedia.org/*" ], "manifest_version": 3, "optional_permissions": [ "bookmarks" ], "externally_connectable": { "matches": [ "https://hoverflow.io/*" ] }, "declarative_net_request": { "rule_resources": [ { "id": "frameRules", "path": "rules.json", "enabled": true } ] }, "optional_host_permissions": [ "https://*/*", "http://localhost/*", "http://localhost:*/*", "http://127.0.0.1/*", "http://127.0.0.1:*/*" ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.