Extension Details
Rating:
4.5 ★
(2 ratings)
Size:
379KiB
Last Updated:
March 18, 2025
Users:
227
Context-Aware Verdict
This section provides a Claude-based AI analysis that applies additional context to the risk. Results are not guaranteed to be accurate.
HIGH
Risk Level
Trust Factors:
- The extension has a relatively low number of users (227) and few ratings (2), which could indicate it is not widely trusted or used.
- The lack of developer information and a detailed description raises some concerns about the extension's legitimacy and purpose.
Concerns:
- The extension requests broad host permissions (https://api2.amplitude.com/*) and can inject content scripts into any website (<all_urls>), which could potentially be used for tracking browsing activity or stealing sensitive data.
- The storage, activeTab, and contextMenus permissions are not necessarily concerning on their own, but their necessity is unclear given the lack of information about the extension's functionality.
Recommendations:
- Exercise caution when installing this extension, as the broad permissions and lack of transparency about its purpose raise significant privacy and security concerns.
- If you decide to use the extension, consider running it in a separate browser profile or a sandboxed environment to limit potential risks.
- Look for alternative extensions from reputable developers that provide similar functionality but with more transparency and limited permissions.
- Report the extension to the Chrome Web Store if you suspect any malicious behavior or privacy violations.
Security Analysis
This section provides a detailed analysis of the extension's security posture, without broader context. Assumes worst-case impact.
HIGH
Overall Risk
Based on 5 total findings, ranked without considering overall context, including 2 high-risk and 3 medium-risk findings.
HIGH
Broad Content Script Injection
This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.
HIGH
Broad Host Permissions
This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.
MEDIUM
Medium-Risk Permission: activeTab
This extension has the activeTab permission. Can access the active tab when clicking the extension icon.
MEDIUM
Medium-Risk Permission: contextMenus
This extension has the contextMenus permission. Can add items to the context menu.
MEDIUM
Medium-Risk Permission: storage
This extension has the storage permission. Can store data locally.
Security Analysis Details
Required Permissions:
- storage
- activeTab
- contextMenus
Host Permissions:
- https://api2.amplitude.com/*
Embedded URLs (8 total):
| https://api2.amplitude.com/2/httpapi | https://font-inspector.com/uninstall | |
| https://font-inspector.com/welcome?utm_source=extension | https://clients2.google.com/service/update2/crx | |
| https://api2.amplitude.com/ | http://www.w3.org/2000/svg | |
| https://tally.so/r/wkJK96 | https://chromewebstore.google.com/detail/ldanlnlkbcpglobchelebddfmjapiifd/reviews |
Raw Manifest
{ "name": "__MSG_appName__", "icons": { "16": "icons/16x16.png", "24": "icons/24x24.png", "32": "icons/32x32.png", "48": "icons/48x48.png", "64": "icons/64x64.png", "128": "icons/128x128.png", "256": "icons/256x256.png", "512": "icons/512x512.png" }, "action": { "default_icon": { "16": "icons/16x16.png", "24": "icons/24x24.png", "32": "icons/32x32.png", "48": "icons/48x48.png", "64": "icons/64x64.png", "128": "icons/128x128.png", "256": "icons/256x256.png", "512": "icons/512x512.png" }, "default_popup": "popup.html" }, "version": "1.0.6", "background": { "service_worker": "background.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_shortDesc__", "permissions": [ "storage", "activeTab", "contextMenus" ], "default_locale": "en", "content_scripts": [ { "js": [ "content.js" ], "matches": [ "<all_urls>" ] } ], "host_permissions": [ "https://api2.amplitude.com/*" ], "manifest_version": 3 }
Secure Annex (beta)
Coming soon...