[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

SDFC Dev Console Data Exporter

Version 1.0 View in Chrome Web Store

Last scanned: about 8 hours ago

Extension Details

Rating: 3.3 ★ (16 ratings)

Users: 1,000

Context-Aware Verdict

MEDIUM

Overall Risk

Trust Factors:

The extension has a modest user base of 1,000 users, which provides some validation through community usage. However, the 3.3-star rating from only 16 reviews suggests mixed user experiences and limited feedback. The lack of visible author and developer information raises transparency concerns, making it difficult to assess the creator's credibility or contact them for support.

Concerns:

The extension uses the older Manifest V2, which has weaker security controls compared to the current V3 standard. While the content script injection is appropriately scoped to Salesforce's developer console pages, the missing author information creates accountability issues. The relatively low rating combined with few reviews suggests potential functionality or reliability problems that users have encountered.

Recommendations:

Given the medium risk level, consider running this extension in a separate Chrome profile dedicated to Salesforce development work to isolate any potential security risks from your main browsing profile. Before installation, verify that you actually need data export functionality from the Salesforce developer console, as this represents a specific use case. Monitor the extension's behavior closely after installation, and consider looking for alternative extensions with better ratings, more transparent developer information, and Manifest V3 compliance. If you proceed with installation, regularly review what data the extension accesses and consider removing it when not actively needed for development work.

Findings

MEDIUM

Older Manifest Version

This extension uses Manifest Version 2, which has fewer security restrictions than Manifest V3. Consider using extensions that have upgraded to V3.

Raw Manifest

{
  "name": "SDFC Dev Console Data Exporter",
  "icons": {
    "32": "logo-32.png",
    "48": "logo-48.png",
    "64": "logo-64.png",
    "128": "logo-128.png"
  },
  "version": "1.0",
  "background": {
    "scripts": [
      "background.js"
    ]
  },
  "short_name": "Console Data Exporter",
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "Export data from the Developer Console",
  "page_action": {
    "default_icon": "logo-128.png",
    "default_title": "Click to export data in CSV"
  },
  "content_scripts": [
    {
      "js": [
        "jquery-2.0.3.min.js",
        "contentscript.js"
      ],
      "run_at": "document_idle",
      "matches": [
        "https://*.salesforce.com/_ui/common/apex/debug/ApexCSIPage*"
      ],
      "all_frames": false
    }
  ],
  "manifest_version": 2,
  "web_accessible_resources": [
    "jquery-2.0.3.min.map"
  ]
}

by ✦ Astarte

SDFC Dev Console Data Exporter

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Embedded URLs (1 total):

Raw Manifest

Detections

Manifest Findings