Extension Details
Developer:
trancend.ai
Rating:
5.0 ★
(1 rating)
Users:
16
Context-Aware Verdict
This section provides a Claude-based AI analysis that applies additional context to the risk. Results are not guaranteed to be accurate.
HIGH
Risk Level
Trust Factors:
- The extension has a relatively low number of users (16), which could indicate it is not widely trusted or adopted.
- The developer information is limited, making it difficult to assess the reputation of the company behind the extension.
Concerns:
- The extension requests broad host permissions, allowing it to access many or all websites, which could potentially be used to steal sensitive data or track browsing activity.
- It has high-risk permissions such as tabs and cookies, which could be used maliciously to compromise security or privacy.
- It requests access to sensitive domains like LinkedIn, which could be concerning if the extension's functionality does not require such access.
Recommendations:
- Exercise caution when installing this extension, as it has several high-risk permissions and broad host access.
- Review the extension's source code or seek independent security audits to ensure it does not contain any malicious code or privacy violations.
- Consider running the extension in a separate browser profile or a sandboxed environment to limit potential risks.
- Monitor the extension's behavior and network activity for any suspicious activities.
- Regularly check for updates and remove the extension if it becomes outdated or if concerns arise about its trustworthiness.
Security Analysis
This section provides a detailed analysis of the extension's security posture, without broader context. Assumes worst-case impact.
HIGH
Overall Risk
Based on 5 total findings, ranked without considering overall context, including 3 high-risk and 2 medium-risk findings.
HIGH
Broad Host Permissions
This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.
HIGH
High-Risk Permission: cookies
This extension has the cookies permission. Can access and modify browser cookies. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: tabs
This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.
MEDIUM
Access to Sensitive Domains
This extension requests access to sensitive domains: *://*.linkedin.com/*. Ensure you trust this extension with access to these sites.
MEDIUM
Medium-Risk Permission: storage
This extension has the storage permission. Can store data locally.
Security Analysis Details
Required Permissions:
- storage
- scripting
- tabs
- alarms
- sidePanel
- cookies
Host Permissions:
- *://*.linkedin.com/*
- https://app.trancend.ai/*
- https://remembral.trancend.ai/*
Content Security Policy:
- extension_pages: script-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; report-uri https://csp-report.trancend.ai
Embedded URLs (24 total):
| https://fonts.googleapis.com | https://fonts.gstatic.com | |
| https://fonts.googleapis.com/icon?family=Material+Icons+Outlined | https://www.trancend.ai/terms-of-service | |
| https://www.trancend.ai/privacy-policy | https://www.linkedin.com/ | |
| https://www.linkedin.com/in/williamhgates/ | https://linkedin.com/in/... | |
| https://www.linkedin.com | http://www.w3.org/2000/svg | |
| https://www.linkedin.com/in/username | https://www.linkedin.com/in/anilchannappa | |
| https://remembral.trancend.ai | https://clients2.google.com/service/update2/crx | |
| https://app.trancend.ai/ | https://remembral.trancend.ai/ | |
| https://csp-report.trancend.ai | http://stuartk.com/jszip | |
| https://raw.github.com/Stuk/jszip/main/LICENSE.markdown. | https://github.com/nodeca/pako/blob/main/LICENSE | |
| https://stuk.github.io/jszip/documentation/howto/read_zip.html | https://github.com/nodeca/pako | |
| https://github.com/nodeca/pako/issues/135 | http://zlib.net/manual.html#Advanced |
Raw Manifest
{ "name": "Trancend AI", "icons": { "16": "assets/images/trancend-icon-16.png", "32": "assets/images/trancend-icon-32.png", "48": "assets/images/trancend-icon-48.png", "128": "assets/images/trancend-icon-128.png" }, "action": { "default_icon": { "16": "assets/images/trancend-icon-16.png", "32": "assets/images/trancend-icon-32.png", "48": "assets/images/trancend-icon-48.png", "128": "assets/images/trancend-icon-128.png" }, "default_title": "Remembral Uploader" }, "version": "0.92.3.1", "background": { "type": "module", "service_worker": "background/service.js" }, "side_panel": { "default_path": "app-home/login.html" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "AI assistant empowering relationship-builders and sales reps to unify relationships and facilitate warm intros at scale.", "permissions": [ "storage", "scripting", "tabs", "alarms", "sidePanel", "cookies" ], "host_permissions": [ "*://*.linkedin.com/*", "https://app.trancend.ai/*", "https://remembral.trancend.ai/*" ], "manifest_version": 3, "content_security_policy": { "extension_pages": "script-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; report-uri https://csp-report.trancend.ai" }, "web_accessible_resources": [ { "matches": [ "https://app.trancend.ai/*", "https://remembral.trancend.ai/*", "*://*.linkedin.com/*" ], "resources": [ "assets/images/*.png", "assets/images/*.svg", "assets/style/*.css", "vendor/jszip.min.js", "vendor/jszip.esm.mjs" ] } ] }
Secure Annex (beta)
Coming soon...