Extension Details
Context-Aware Verdict
The extension has a solid user base of 70,000 users and a decent 4.2-star rating from 212 reviews, suggesting general user satisfaction. The extension targets a specific gaming website (Slither.io), which is a legitimate online game, and appears to be a modification tool for enhancing gameplay experience.
The downloads permission is particularly concerning for a gaming mod extension, as there's no clear justification for why a Slither.io enhancement would need to download files or access download history. The broad host permissions, while limited to Slither.io domains, combined with activeTab access could potentially be exploited beyond the stated gaming purpose. The unlimitedStorage permission seems excessive for a simple game modification tool. The declarativeNetRequest permission allows network request modification, which could potentially interfere with game communications in unintended ways.
Consider running this extension in a separate Chrome profile dedicated to gaming to isolate any potential risks from your main browsing activities. Monitor your downloads folder for any unexpected files after installation. Be cautious about using this extension while logged into sensitive accounts on other tabs. Given the gaming nature and reasonable user base, the risk may be acceptable for dedicated gaming sessions, but avoid using it during general web browsing or when handling sensitive information.
Findings
Security Analysis Details
Required Permissions:
- declarativeNetRequest
- activeTab
- downloads
- unlimitedStorage
- storage
- downloads.shelf
Host Permissions:
- *://slither.io/*
- *://slither.com/*
Content Security Policy:
- script-src: 'self'
- object-src: 'self'
Embedded URLs (25 total):
| http://www.w3.org/2000/svg | http://www.w3.org/1999/xlink | |
| http://getbootstrap.com | https://github.com/twbs/bootstrap/blob/master/LICENSE | |
| http://slither.io | http://slither.com | |
| https://ntl-slither.com/ss/rs.php | https://ntl-slither.com/slither/modhelp.php | |
| https://clients2.google.com/service/update2/crx | https://ntl-slither.com | |
| https://ntl-slither.com/ | https://github.com/j-c-m/Slither.io-bot | |
| https://ntl-slither.com/slither/news.php?ver= | https://ntl-slither.com/tags/authorizetags.php | |
| https://ntl-slither.com/tags/fstags?v= | https://ntl-slither.com/tags/cstags?v= | |
| https://slither.io/i80124.txt | https://ntl-slither.com/ss/gt.php?srv= | |
| https://ntl-slither.com/uploadtag.php?ntlmod=wbst | https://ntl-slither.com/tags/rst?id= | |
| https://ntl-slither.com/tags/tag?id= | https://ntl-slither.com/newtag.php?id= | |
| https://chrome.google.com/webstore/detail/ntl-mod/hpgaehmokjbdfkbgkeifbfogjalkpfgb/reviews | https://ntl-slither.com/slither/ntlplay-mt.php?auth= | |
| https://www.youtube.com/watch?v=GE6jjPjds98 |
Raw Manifest
{ "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2X6FubWAS1tTD6B+9asVDDv8fiCeiwBw/BVGx4U7mzbCvQ4FCJ050iBr7M1Y3JJX0cv9a/gqHM4ozXoU8a4foxasQ9PumT77GGHb7YwGNImJo9q1bqDCjtEh50THFx305Yb6LN1fIX9P0JzWVZDsa+YRvmfXmyNwS69W4p9Hc15asST0Dgd70mL7CgMn0g5yK89fWJBMM2dVVc6W7/AeQ5eYFOhadUnulcz9FuTS0ogYbks0plo/aGVahTSrHn+7dZqEIXwEE52ttu9ks8kcke997e9PftOrWk7/tRoD/LdJZFt+i3iCC2R/lWWvPwAX994Pn+7/u9cSRXGTRj97XwIDAQAB", "name": "NTL MOD for Slither.io", "icons": { "16": "icon16.png", "19": "icon19.png", "32": "icon32.png", "38": "icon38.png", "48": "icon48.png", "128": "icon128.png" }, "action": { "default_icon": "icon.png", "default_popup": "popup.html", "default_title": "NTL MOD" }, "author": "[NTL] Nothing To Lose", "version": "9.59", "background": { "service_worker": "background.js" }, "short_name": "NTL MOD", "update_url": "https://clients2.google.com/service/update2/crx", "description": "Advanced slither.io mod for pro players", "permissions": [ "declarativeNetRequest", "activeTab", "downloads", "unlimitedStorage", "storage", "downloads.shelf" ], "homepage_url": "https://ntl-slither.com", "content_scripts": [ { "js": [ "tinyscr.js" ], "run_at": "document_end", "matches": [ "*://slither.io/*", "*://slither.com/*" ], "all_frames": false } ], "host_permissions": [ "*://slither.io/*", "*://slither.com/*" ], "manifest_version": 3, "externally_connectable": { "matches": [ "*://slither.io/*", "*://slither.com/*", "https://ntl-slither.com/*" ] }, "content_security_policy": { "object-src": "'self'", "script-src": "'self'" }, "declarative_net_request": { "rule_resources": [ { "id": "1", "path": "game.json", "enabled": true } ] }, "web_accessible_resources": [ { "matches": [ "*://slither.io/*", "*://slither.com/*" ], "resources": [ "*.json", "*.js", "*.txt", "*.css", "*.ttf", "fonts/*.ttf", "*.png", "*.jpg", "*.webp", "s/*.webp", "pr/*.webp", "*.mp3", "social.html", "help.html" ] } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.