Extension Details
Context-Aware Verdict
The extension has a high user rating of 4.8 stars, which indicates positive user experiences, though this is based on only 5 reviews. With 2,000 users, it has a modest user base that suggests some level of community adoption. The extension uses Manifest V3, which is Google's latest and more secure extension framework that provides better security controls and privacy protections. The security analysis shows zero findings, indicating no obvious red flags in the code structure.
The primary concern is the lack of transparency regarding the developer information, which makes it difficult to assess the publisher's credibility and track record. With only 5 ratings despite 2,000 users, there's limited feedback to gauge real-world performance and potential issues. The missing technical details (permissions, host permissions, content scripts) in the provided analysis make it challenging to fully evaluate what system access the extension requires.
This extension appears relatively safe for general use given its minimal risk profile and use of the secure Manifest V3 framework. However, due to the limited developer information, consider monitoring the extension's behavior after installation. Check what specific permissions it requests during installation, and ensure they align with flowchart creation functionality. If you're working with sensitive data, consider using it in a separate Chrome profile as a precautionary measure until you can verify its trustworthiness through extended use.
Findings
Security Analysis Details
Embedded URLs (9 total):
| https://docs.google.com/forms/d/e/1FAIpQLSfk45Nd02V1kkKvWbpOVOSr6HOgmyGc2w1buk2pELjQljmamA/viewform | https://mirovan.github.io/flowchart-maker-site/welcome.html | |
| http://www.w3.org/2000/svg%27 | https://getbootstrap.com/ | |
| https://github.com/twbs/bootstrap/blob/main/LICENSE | https://konvajs.org/docs/posts/Tainted_Canvas.html. | |
| https://chromewebstore.google.com/detail/flowchart-maker/npiiinidjjddnffoiopbkncedkkhhbia/reviews | https://github.com/twbs/bootstrap/graphs/contributors | |
| https://clients2.google.com/service/update2/crx |
Raw Manifest
{ "name": "__MSG_appName__", "icons": { "16": "static/img/cws_icons/16x16.png", "32": "static/img/cws_icons/32x32.png", "48": "static/img/cws_icons/48x48.png", "96": "static/img/cws_icons/96x96.png", "128": "static/img/cws_icons/128x128.png" }, "action": { "default_icon": "static/img/cws_icons/icon.png", "default_title": "__MSG_appName__" }, "version": "2.6.0", "background": { "service_worker": "service-worker.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "__MSG_shortDesc__", "permissions": [], "default_locale": "en", "manifest_version": 3, "minimum_chrome_version": "116", "web_accessible_resources": [ { "matches": [ "<all_urls>" ], "resources": [ "index.html", "static/*" ] } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.