Wordvice AI Writing Assistant: Grammar Checker, Translator, Paraphraser
Version 1.0.4 View in Chrome Web Store
Extension Details
Context-Aware Verdict
The extension comes from wordvice.ai, which appears to be a legitimate writing assistance service. With 10,000 users and a 4.6-star rating from 9 reviews, it shows some positive user feedback, though the review count is relatively low for the user base. The extension's purpose as a grammar checker, translator, and paraphraser aligns with its requested permissions for text processing across websites.
The extension exhibits several concerning security characteristics that justify the critical risk rating. The combination of broad host permissions with all_urls access and content script injection capabilities creates significant privacy and security exposure. The cookies permission is particularly concerning for a writing tool, as it could potentially access authentication tokens and session data. The tabs permission allows monitoring of browsing activity beyond what's necessary for text assistance. The extension can essentially read and modify content on any website you visit, including sensitive financial, medical, or personal sites.
Given the critical risk level, consider running this extension in a completely separate Chrome profile dedicated only to writing tasks. Alternatively, look for writing assistance tools that work as standalone applications or browser-based services without requiring such extensive permissions. If you must use this extension, disable it when not actively writing and avoid using it while accessing sensitive websites like banking or healthcare portals. Monitor your accounts for any unusual activity after installation.
Findings
Security Analysis Details
Required Permissions:
- activeTab
- storage
- tabs
- contextMenus
- scripting
- cookies
Host Permissions:
- <all_urls>
- https://docs.google.com/*
- https://sheets.google.com/*
- https://slides.google.com/*
Embedded URLs (266 total):
| https://react.dev/errors/ | http://www.w3.org/2000/svg | |
| http://www.w3.org/1998/Math/MathML | http://www.w3.org/1999/xlink | |
| http://www.w3.org/XML/1998/namespace | https://tailwindcss.com | |
| https://github.com/mozdevs/cssremedy/issues/4 | https://github.com/tailwindcss/tailwindcss/pull/116 | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=190655 | https://bugs.chromium.org/p/chromium/issues/detail?id=999088 | |
| https://bugs.webkit.org/show_bug.cgi?id=201297 | https://bugs.chromium.org/p/chromium/issues/detail?id=935729 | |
| https://bugs.webkit.org/show_bug.cgi?id=195016 | https://github.com/mozilla/gecko-dev/blob/2f9eacd9d3d995c937b4251a5557d95d494c9be1/layout/style/res/forms.css#L728-L737 | |
| https://github.com/tailwindlabs/tailwindcss/issues/3300 | https://github.com/mozdevs/cssremedy/issues/14 | |
| https://github.com/jensimmons/cssremedy/issues/14#issuecomment-634934210 | https://sysapi.wordvice.ai | |
| https://wordvice.ai/account/profile | https://wordvice.ai/plans | |
| https://drafts.csswg.org/css-values-3/#urls | http://www.opensource.org/licenses/mit-license.php | |
| http://www.apache.org/licenses/LICENSE-2.0 | https://github.com/dominictarr/hashlru/blob/v1.0.4/index.js | |
| https://github.com/tailwindlabs/tailwindcss/blob/v3.2.2/src/util/splitAtTopLevelOnly.js | https://github.com/dcastil/tailwind-merge/issues/513#issuecomment-2614029864 | |
| https://github.com/lukeed/clsx | https://github.com/lukeed/clsx/blob/v1.2.1/src/index.js | |
| https://github.com/lukeed/clsx/blob/v1.2.1/clsx.d.ts | https://tailwindcss.com/docs/theme#theme-variable-namespaces | |
| https://github.com/tailwindlabs/tailwindcss/pull/17378 | https://tailwindcss.com/docs/aspect-ratio | |
| https://tailwindcss.com/docs/container | https://tailwindcss.com/docs/columns | |
| https://tailwindcss.com/docs/break-after | https://tailwindcss.com/docs/break-before | |
| https://tailwindcss.com/docs/break-inside | https://tailwindcss.com/docs/box-decoration-break | |
| https://tailwindcss.com/docs/box-sizing | https://tailwindcss.com/docs/display | |
| https://tailwindcss.com/docs/display#screen-reader-only | https://tailwindcss.com/docs/float | |
| https://tailwindcss.com/docs/clear | https://tailwindcss.com/docs/isolation | |
| https://tailwindcss.com/docs/object-fit | https://tailwindcss.com/docs/object-position | |
| https://tailwindcss.com/docs/overflow | https://tailwindcss.com/docs/overscroll-behavior | |
| https://tailwindcss.com/docs/position | https://tailwindcss.com/docs/top-right-bottom-left | |
| https://tailwindcss.com/docs/visibility | https://tailwindcss.com/docs/z-index | |
| https://tailwindcss.com/docs/flex-basis | https://tailwindcss.com/docs/flex-direction | |
| https://tailwindcss.com/docs/flex-wrap | https://tailwindcss.com/docs/flex | |
| https://tailwindcss.com/docs/flex-grow | https://tailwindcss.com/docs/flex-shrink | |
| https://tailwindcss.com/docs/order | https://tailwindcss.com/docs/grid-template-columns | |
| https://tailwindcss.com/docs/grid-column | https://tailwindcss.com/docs/grid-template-rows | |
| https://tailwindcss.com/docs/grid-row | https://tailwindcss.com/docs/grid-auto-flow | |
| https://tailwindcss.com/docs/grid-auto-columns | https://tailwindcss.com/docs/grid-auto-rows | |
| https://tailwindcss.com/docs/gap | https://tailwindcss.com/docs/justify-content | |
| https://tailwindcss.com/docs/justify-items | https://tailwindcss.com/docs/justify-self | |
| https://tailwindcss.com/docs/align-content | https://tailwindcss.com/docs/align-items | |
| https://tailwindcss.com/docs/align-self | https://tailwindcss.com/docs/place-content | |
| https://tailwindcss.com/docs/place-items | https://tailwindcss.com/docs/place-self | |
| https://tailwindcss.com/docs/padding | https://tailwindcss.com/docs/margin | |
| https://tailwindcss.com/docs/margin#adding-space-between-children | https://tailwindcss.com/docs/width#setting-both-width-and-height |
Raw Manifest
{ "name": "Wordvice AI Writing Assistant: Grammar Checker, Translator, Paraphraser", "icons": { "16": "icons/w16.png", "48": "icons/w20.png", "128": "icons/w36.png" }, "action": { "default_icon": { "16": "icons/w16.png", "48": "icons/w20.png", "128": "icons/w36.png" }, "default_popup": "popup.html" }, "version": "1.0.4", "commands": { "wordvice-proofread": { "description": "Activate Proofread", "suggested_key": { "default": "Alt+Shift+1" } }, "wordvice-translate": { "description": "Activate Translate", "suggested_key": { "default": "Alt+Shift+2" } }, "wordvice-paraphrase": { "description": "Activate Paraphrase", "suggested_key": { "default": "Alt+Shift+3" } } }, "background": { "service_worker": "background.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "Unlock real-time proofreading, accurate translations, and smart paraphrasing suggestions, all within one powerful Google extension.", "permissions": [ "activeTab", "storage", "tabs", "contextMenus", "scripting", "cookies" ], "content_scripts": [ { "js": [ "contentScript.js" ], "css": [ "popup.css", "content-script.fonts.css" ], "world": "ISOLATED", "matches": [ "<all_urls>", "https://docs.google.com/*", "https://sheets.google.com/*", "https://slides.google.com/*" ] } ], "host_permissions": [ "<all_urls>", "https://docs.google.com/*", "https://sheets.google.com/*", "https://slides.google.com/*" ], "manifest_version": 3, "web_accessible_resources": [ { "matches": [ "<all_urls>" ], "resources": [ "popup.css", "content-script.fonts.css", "popup.fonts.css", "fonts/PretendardBlack.woff2", "fonts/PretendardExtraBold.woff2", "fonts/PretendardBold.woff2", "fonts/PretendardSemiBold.woff2", "fonts/PretendardMedium.woff2", "fonts/PretendardRegular.woff2", "fonts/PretendardLight.woff2", "fonts/PretendardExtraLight.woff2", "fonts/PretendardThin.woff2" ] } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.