[ new scan ] [ statistics ] [ github ] [ twitter ]

HLS Downloader

Version 0.1.3 View in Chrome Web Store

Last scanned: about 2 months ago | force re-scan

Extension Details

Rating: 3.7 ★ (167 ratings)

Size: 47.39KiB

Last Updated: October 29, 2024

Users: 100,000

Context-Aware Verdict

HIGH

Risk Level

Trust Factors:

- The extension has a relatively high number of users (100,000), which could indicate some level of trust.

- However, the lack of developer information and a low rating (3.7/5) raise concerns about the trustworthiness of the extension.

Concerns:

- The extension requests several high-risk permissions, including downloads, webRequest, and webNavigation, which could potentially be used maliciously to compromise security or privacy.

- The broad host permissions (*://*/*.m3u8) allow the extension to access many websites, increasing the risk of data theft or tracking browsing activity.

- The lack of transparency regarding the extension's purpose and the developer's identity raises questions about the extension's legitimacy.

Recommendations:

- Exercise caution when installing this extension, as it poses a high risk to your security and privacy.

- If you decide to use the extension, consider running it in a separate Chrome profile or a sandboxed environment to minimize potential risks.

- Regularly review the extension's permissions and activity, and uninstall it if you notice any suspicious behavior.

- Look for alternative extensions from reputable developers that offer similar functionality but with fewer permissions and better transparency.

Security Analysis

CRITICAL

Overall Risk

Based on 6 total findings, ranked without considering overall context, including 4 high-risk and 2 medium-risk findings.

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

HIGH

High-Risk Permission: downloads

This extension has the downloads permission. Can download files and access download history. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webNavigation

This extension has the webNavigation permission. Can track your web navigation. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webRequest

This extension has the webRequest permission. Can intercept and modify web requests. This could potentially be used maliciously to compromise security or privacy.

MEDIUM

Medium-Risk Permission: contextMenus

This extension has the contextMenus permission. Can add items to the context menu.

MEDIUM

Medium-Risk Permission: storage

This extension has the storage permission. Can store data locally.

Raw Manifest

{
  "name": "HLS Downloader",
  "icons": {
    "16": "data/icons/16.png",
    "32": "data/icons/32.png",
    "48": "data/icons/48.png",
    "64": "data/icons/64.png",
    "128": "data/icons/128.png"
  },
  "action": {
    "default_icon": {
      "16": "data/icons/16.png",
      "32": "data/icons/32.png",
      "48": "data/icons/48.png",
      "64": "data/icons/64.png"
    },
    "default_title": "HLS Downloader"
  },
  "version": "0.1.3",
  "commands": {
    "_execute_action": {}
  },
  "background": {
    "service_worker": "background.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "Download fragmented media files with HLS (HTTP Live Streaming) downloader.",
  "permissions": [
    "storage",
    "downloads",
    "webRequest",
    "contextMenus",
    "webNavigation"
  ],
  "homepage_url": "https://mybrowseraddon.com/hls-downloader.html",
  "host_permissions": [
    "*://*/*.m3u8"
  ],
  "manifest_version": 3
}

HLS Downloader

Extension Details

Context-Aware Verdict

Security Analysis

Security Analysis Details

Required Permissions:

Host Permissions:

Embedded URLs (2 total):

Raw Manifest

Secure Annex (beta)