CRX aminer
Extension icon

GPTZero: AI Detection & Writing Replay

Version 2026.2.4 View in Chrome Web Store

Last scanned: about 2 hours ago

Extension Details

Developer: 15020131 Canada Inc.
Rating: 4.4 ★ (315 ratings)
Users: 400,000

Context-Aware Verdict

CRITICAL
Overall Risk
Trust Factors:

GPTZero is a legitimate AI detection service with 400,000 users and a solid 4.4-star rating, indicating genuine utility for detecting AI-generated content. The company 15020131 Canada Inc. appears to be the official developer behind the GPTZero service. The extension's purpose aligns with current needs for AI content detection in educational and professional settings.

Concerns:

The extension exhibits several concerning security patterns despite its legitimate purpose. The broad content script injection across all websites creates significant attack surface, allowing the extension to read and modify any webpage you visit. The cookies permission combined with tabs access enables comprehensive tracking of your browsing behavior. The extensive host permissions, while including expected domains like Google Docs and ChatGPT, grant unnecessary access to localhost and broad web access. The storage permission allows persistent data collection on your device.

Recommendations:

Given the critical risk level, consider running this extension in a dedicated Chrome profile isolated from sensitive browsing activities. Only enable it when actively using AI detection features, then disable it afterward. Review the extension's privacy policy carefully to understand data collection practices. Consider using GPTZero's web interface directly instead of the extension when possible. If you must use the extension, avoid browsing sensitive sites (banking, personal accounts) in the same profile, and regularly audit what data the extension has stored.

Findings

HIGH
Broad Content Script Injection
This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.
HIGH
Broad Host Permissions
This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.
HIGH
High-Risk Permission: cookies
This extension has the cookies permission. Can access and modify browser cookies. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: tabs
This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.
MEDIUM
Access to Sensitive Domains
This extension requests access to sensitive domains: https://docs.google.com/*, https://classroom.google.com/*, https://assignments.google.com/*. Ensure you trust this extension with access to these sites.
MEDIUM
Medium-Risk Permission: contextMenus
This extension has the contextMenus permission. Can add items to the context menu.
MEDIUM
Medium-Risk Permission: storage
This extension has the storage permission. Can store data locally.