[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

MPRC for Chrome

Version 1.0 View in Chrome Web Store

Last scanned: about 2 hours ago

Extension Details

Rating: 4.3 ★

Users: 5

Context-Aware Verdict

HIGH

Overall Risk

Trust Factors:

The extension has extremely limited adoption with only 5 users, which raises significant concerns about its legitimacy and testing. While it maintains a 4.3 rating, the small user base makes this metric unreliable. The lack of developer information, company details, and missing last updated date creates transparency issues that undermine trustworthiness.

Concerns:

The most critical issue is the <all_urls> host permission combined with nativeMessaging capability, creating a dangerous combination that allows the extension to access all websites and communicate with native applications on your system. This permission set is excessive for most legitimate use cases and could enable data exfiltration, credential theft, or system compromise. The contextMenus permission, while less concerning individually, adds another attack vector when combined with the broad access rights.

The extension's name "MPRC for Chrome" provides no clear indication of its purpose, making it difficult to assess whether these permissions are justified. The extremely low user count suggests this may be a test extension or potentially malicious software with limited distribution.

Recommendations:

Do not install this extension due to its high-risk permission combination and lack of transparency. If you must use it, run it in a completely isolated Chrome profile with no access to sensitive accounts or data. Consider seeking alternative extensions with similar functionality from established developers with proper documentation and reasonable permission requests.

Findings

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

MEDIUM

Medium-Risk Permission: contextMenus

This extension has the contextMenus permission. Can add items to the context menu.

Raw Manifest

{
  "name": "MPRC for Chrome",
  "icons": {
    "16": "icons/icon-16.png",
    "32": "icons/icon-32.png",
    "48": "icons/icon-48.png",
    "128": "icons/icon-128.png"
  },
  "version": "1.0",
  "background": {
    "service_worker": "background.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "MPRC send content to Dune HD",
  "permissions": [
    "contextMenus",
    "nativeMessaging"
  ],
  "host_permissions": [
    "<all_urls>"
  ],
  "manifest_version": 3
}

by ✦ Astarte

MPRC for Chrome

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Host Permissions:

Embedded URLs (1 total):

Raw Manifest

Detections

Manifest Findings