[ new scan ] [ statistics ] [ github ] [ twitter ]

Starting analysis...

Nexthink

Version 25.2.2 View in Chrome Web Store

Last scanned: 13 days ago | force re-scan

Extension Details

Rating: 4.0 ★ (24 ratings)

Size: 6.58MiB

Last Updated: March 4, 2025

Users: 5,000,000

Developer Info: Nexthink SAChemin du Viaduc 1 Centre Malley Lumières Prilly 1008 CH

Context-Aware Verdict

Security Analysis

CRITICAL

Overall Risk

Based on 9 total findings, ranked without considering overall context, including 6 high-risk and 3 medium-risk findings.

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

HIGH

High-Risk Permission: downloads

This extension has the downloads permission. Can download files and access download history. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: identity

This extension has the identity permission. Can access your identity information. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: tabs

This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webNavigation

This extension has the webNavigation permission. Can track your web navigation. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webRequest

This extension has the webRequest permission. Can intercept and modify web requests. This could potentially be used maliciously to compromise security or privacy.

MEDIUM

Medium-Risk Permission: contextMenus

This extension has the contextMenus permission. Can add items to the context menu.

MEDIUM

Medium-Risk Permission: storage

This extension has the storage permission. Can store data locally.

MEDIUM

Medium-Risk Permission: unlimitedStorage

This extension has the unlimitedStorage permission. Can store unlimited data locally.

Security Analysis Details

Required Permissions:

alarms
downloads
idle
nativeMessaging
scripting
storage
tabs
webNavigation
webRequest
contextMenus
identity
unlimitedStorage

Optional Permissions:

downloads

Host Permissions:

<all_urls>

Content Security Policy:

extension_pages: default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; connect-src https://*.nexthink.cloud https://*.nexthink.com;

Embedded URLs (59 total):

http://bit.ly/redux-logger-options	https://github.com/zloirock/core-js/blob/v3.36.1/LICENSE
https://github.com/zloirock/core-js	http://www.example.com
https://c344f0363028300dc2b39120c14662c7@o783994.ingest.us.sentry.io/4507374135803904	https://redux.js.org/Errors?code=
https://bit.ly/3cXEKWf	https://github.com/uuidjs/uuid#getrandomvalues-not-supported
https://app.eu-dev.applearn.tv	https://app.eu-dev.applearn.tv/assets/media-embed/index.html
https://app.eu-dev.applearn.tv/console/	https://auth.eu-dev.applearn.tv/auth/realms/yeself
https://auth.eu-dev.applearn.tv/auth	https://dap-dev-login.eu.dev.nexthink.cloud
https://ec776765f5f74f85804453a916f0c04d@o783994.ingest.us.sentry.io/5798986	http://www.apache.org/licenses/LICENSE-2.0
https://clients2.google.com/service/update2/crx	https://www.froala.com/wysiwyg-editor
https://froala.com/wysiwyg-editor/terms/	http://www.w3.org/2000/svg
https://froala.com/wysiwyg-editor	https://reactjs.org/docs/error-decoder.html?invariant=
http://www.w3.org/1999/xlink	http://www.w3.org/XML/1998/namespace
http://www.w3.org/1999/xhtml	http://www.w3.org/1998/Math/MathML
https://fb.me/react-async-component-lifecycle-hooks	http://fb.me/use-check-prop-types
https://reactjs.org/link/react-polyfills	https://cdnjs.cloudflare.com/ajax/libs/emojione/2.0.1/assets/svg/
http://emojione.com/	https://i.froala.com/upload
https://cors-anywhere.froala.com	https://www.youtube.com/embed/
https://player.vimeo.com/video/	https://www.dailymotion.com/embed/video/
https://rutube.ru/play/embed/	https://play.vidyard.com/
https://secure.webtoolhub.com/static/resources/icons/set112/f2afb6f7.png	http://w3.org/200/svg
https://mail.google.com/mail	https://i.froala.com/load-files
https://froala.com	https://google.com
https://facebook.com	https://formatjs.io/docs/react-intl#runtime-requirements
https://formatjs.io/docs/react-intl/api#intlshape	https://formatjs.io/docs/getting-started/message-distribution
https://github.com/puleos/object-hash/issues/26	http://github.com/dominictarr/crypto-browserify
https://npms.io/search?q=ponyfill.	https://github.com/styled-components/styled-components/blob/master/packages/styled-components/src/utils/errors.md#
https://github.com/focus-trap/focus-trap/blob/master/LICENSE	https://github.com/focus-trap/tabbable/blob/master/LICENSE
https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap	https://app.eu-dev.applearn.tv:443/assets/images/themes/workday/switch_on_icon.svg
https://app.eu-dev.applearn.tv:443/assets/images/themes/yeself/switch_off_icon.svg	http://www.bohemiancoding.com/sketch
https://developer.mozilla.org/en-US/docs/Web/CSS/CSS_Fonts/Variable_Fonts_Guide#Using_a_variable_font_font-face_changes

Raw Manifest

{
  "name": "Nexthink",
  "icons": {
    "16": "assets/images/icon-active-16.png",
    "24": "assets/images/icon-active-24.png",
    "32": "assets/images/icon-active-32.png",
    "48": "assets/images/icon-active-48.png",
    "128": "assets/images/icon-128.png"
  },
  "action": {
    "default_icon": {
      "16": "assets/images/icon-inactive-16.png",
      "24": "assets/images/icon-inactive-24.png",
      "32": "assets/images/icon-inactive-32.png",
      "48": "assets/images/icon-inactive-48.png"
    },
    "default_popup": "/popup/inactive-popup.html",
    "default_title": "Nexthink"
  },
  "version": "25.2.2",
  "background": {
    "type": "module",
    "service_worker": "background.js"
  },
  "short_name": "Nexthink Browser Extension",
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "Extends Nexthink Infinity to add experience optimization for SaaS and other web applications",
  "permissions": [
    "alarms",
    "downloads",
    "idle",
    "nativeMessaging",
    "scripting",
    "storage",
    "tabs",
    "webNavigation",
    "webRequest",
    "contextMenus",
    "identity",
    "unlimitedStorage"
  ],
  "version_name": "25.2.2-release",
  "host_permissions": [
    "<all_urls>"
  ],
  "manifest_version": 3,
  "optional_permissions": [
    "downloads"
  ],
  "content_security_policy": {
    "extension_pages": "default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; connect-src https://*.nexthink.cloud https://*.nexthink.com;"
  },
  "web_accessible_resources": [
    {
      "matches": [
        "<all_urls>"
      ],
      "resources": [
        "messenger.js",
        "messenger/index.html",
        "assets/*",
        "*.map"
      ],
      "extension_ids": []
    }
  ]
}

Nexthink

Extension Details

Context-Aware Verdict

Security Analysis

Security Analysis Details

Required Permissions:

Optional Permissions:

Host Permissions:

Content Security Policy:

Embedded URLs (59 total):

Raw Manifest

Secure Annex (beta)