[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

Tab Modifier

Version 1.7 View in Chrome Web Store

Last scanned: about 14 hours ago

Extension Details

Rating: 4.3 ★ (3 ratings)

Users: 1,000

Context-Aware Verdict

HIGH

Overall Risk

Trust Factors:

The extension has a very limited user base of only 1,000 users, which raises concerns about its maturity and community vetting. With only 3 ratings despite being available, it lacks sufficient user feedback to establish reliability. The 4.3 rating is positive but based on an extremely small sample size. The missing developer information and last updated date make it difficult to assess the publisher's credibility and whether the extension receives regular security updates.

Concerns:

The extension requests extremely broad permissions that seem excessive for basic tab modification functionality. The combination of tabs permission, universal host permissions, and content script injection across all websites creates a powerful surveillance and data collection capability. These permissions would allow the extension to monitor all browsing activity, access sensitive information on banking and personal sites, and potentially steal credentials or personal data. The broad scope suggests the extension may be designed for purposes beyond simple tab management.

Recommendations:

Given the high risk profile, avoid installing this extension unless absolutely necessary. If you must use it, create a separate Chrome profile specifically for this extension and avoid accessing sensitive websites while it's active. Consider looking for alternative tab management extensions with more limited permissions and better established user bases. Monitor your browsing behavior closely if installed, and remove immediately if you notice any suspicious activity.

Findings

HIGH

Broad Content Script Injection

This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

HIGH

High-Risk Permission: tabs

This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.

MEDIUM

Medium-Risk Permission: activeTab

This extension has the activeTab permission. Can access the active tab when clicking the extension icon.

MEDIUM

Medium-Risk Permission: contextMenus

This extension has the contextMenus permission. Can add items to the context menu.

MEDIUM

Medium-Risk Permission: storage

This extension has the storage permission. Can store data locally.

Raw Manifest

{
  "name": "Tab Modifier",
  "icons": {
    "48": "icon.png"
  },
  "action": {
    "default_popup": "popup.html"
  },
  "version": "1.7",
  "commands": {
    "open_popup": {
      "description": "Open the Tab Modifier popup",
      "suggested_key": {
        "default": "Alt+T"
      }
    }
  },
  "background": {
    "service_worker": "background.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "permissions": [
    "contextMenus",
    "activeTab",
    "scripting",
    "storage",
    "tabs"
  ],
  "content_scripts": [
    {
      "js": [
        "content.js"
      ],
      "run_at": "document_start",
      "matches": [
        "<all_urls>"
      ]
    }
  ],
  "host_permissions": [
    "<all_urls>"
  ],
  "manifest_version": 3
}

by ✦ Astarte

https://clients2.google.com/service/update2/crx	http://www.w3.org/2000/svg
https://avenyx.io	https://na.myconnectwise.net/v2025_1/connectwise.aspx?fullscreen=false&locale=en_US#startscreen=sr150&state=

Tab Modifier

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Host Permissions:

Embedded URLs (4 total):

Raw Manifest

Detections

Manifest Findings