[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

Jetwriter AI: Reply Emails, Ask Page, Summarize, Fix Grammar, and More

Version 26.4.17 View in Chrome Web Store

Last scanned: about 20 hours ago

Extension Details

Developer: jetwriter.ai

Rating: 4.6 ★ (1.4K ratings)

Users: 500,000

Context-Aware Verdict

HIGH

Overall Risk

Trust Factors:

The extension has a solid user base of 500,000 users and maintains a strong 4.6-star rating from 1,400 reviews, indicating general user satisfaction. The developer jetwriter.ai appears to be a legitimate AI writing service company. The extension's functionality aligns with current AI productivity trends, and the version number (26.4.17) suggests active development and maintenance.

Concerns:

The primary concern is the extension's extremely broad access permissions. The <all_urls> host permissions and content script injection capabilities mean this extension can read, modify, and potentially exfiltrate data from every website you visit, including sensitive sites like banking, email, and social media platforms. While these permissions may be necessary for the AI features to work across different websites, they create significant privacy and security risks. The extension essentially has the technical capability to capture passwords, personal information, and browsing habits across your entire web experience.

Recommendations:

Given the high-risk permissions but legitimate use case, consider running this extension in a dedicated Chrome profile separate from your main browsing activities. Only use this profile for websites where you actually need the AI writing assistance. Alternatively, disable the extension by default and only enable it temporarily when needed for specific tasks. Regularly review the extension's privacy policy and monitor for any suspicious behavior or unauthorized data collection.

Findings

HIGH

Broad Content Script Injection

This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

MEDIUM

Medium-Risk Permission: contextMenus

This extension has the contextMenus permission. Can add items to the context menu.

MEDIUM

Medium-Risk Permission: storage

This extension has the storage permission. Can store data locally.

Security Analysis Details

Required Permissions:

storage
scripting
contextMenus

Host Permissions:

<all_urls>

Embedded URLs (26 total):

http://www.apache.org/licenses/LICENSE-2.0	https://firebase.google.com/docs/studio/preview-apps#preview-backend
http://www.w3.org/2000/svg	https://jetwriter.ai
https://dev.jetwriter.ai	https://chatgpt-writer.firebaseio.com
https://api.mixpanel.com/track	https://api.mixpanel.com/engage#profile-set
https://api.mixpanel.com/track#create-identity	https://api.openai.com/v1/models
https://generativelanguage.googleapis.com/v1beta/models?key=	https://api.anthropic.com/v1/models
https://clients2.google.com/service/update2/crx	https://reactjs.org/docs/error-decoder.html?invariant=
http://www.w3.org/1999/xlink	http://www.w3.org/XML/1998/namespace
http://www.w3.org/1998/Math/MathML	http://www.w3.org/1999/xhtml
https://chromewebstore.google.com/detail/jetwriter-ai-reply-emails/pdnenlnelpdomajfejgapbdpmjkfpjkp/reviews	https://microsoftedge.microsoft.com/addons/detail/gocnmcailiollkkaaieichicbfobepae
https://jetwriter.ai/dashboard	https://html.spec.whatwg.org/multipage/custom-elements.html#valid-custom-element-name
https://swiftship.com/help	https://jetwriter.ai/blog/chatgpt-writer-is-now-jetwriter-ai
https://github.com/syntax-tree/hast-util-to-jsx-runtime	https://github.com/remarkjs/react-markdown/blob/main/changelog.md

Raw Manifest

{
  "name": "Jetwriter AI: Reply Emails, Ask Page, Summarize, Fix Grammar, and More",
  "icons": {
    "16": "/icons/icon16.png",
    "48": "/icons/icon48.png",
    "128": "/icons/icon128.png"
  },
  "action": {
    "default_icon": {
      "16": "/icons/icon16.png",
      "48": "/icons/icon48.png",
      "128": "/icons/icon128.png"
    },
    "default_popup": "popup.html",
    "default_title": "Jetwriter AI: Use AI on Any Site (GPT-5, Claude, Gemini, and More)"
  },
  "version": "26.4.17",
  "commands": {
    "_execute_action": {
      "suggested_key": {
        "mac": "Command+Shift+K",
        "linux": "Ctrl+Shift+K",
        "windows": "Ctrl+Shift+K",
        "chromeos": "Ctrl+Shift+K"
      }
    }
  },
  "background": {
    "service_worker": "background.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "__MSG_extDescription__",
  "permissions": [
    "storage",
    "scripting",
    "contextMenus"
  ],
  "default_locale": "en",
  "content_scripts": [
    {
      "js": [
        "content-scripts/content.js"
      ],
      "matches": [
        "<all_urls>"
      ]
    }
  ],
  "host_permissions": [
    "<all_urls>"
  ],
  "manifest_version": 3,
  "externally_connectable": {
    "matches": [
      "https://*.chatgptwriter.ai/*",
      "http://localhost:3000/*",
      "https://*.jetwriter.ai/*"
    ]
  },
  "web_accessible_resources": [
    {
      "matches": [
        "<all_urls>"
      ],
      "resources": [
        "content-scripts/content.css"
      ]
    }
  ]
}

by ✦ Astarte

Jetwriter AI: Reply Emails, Ask Page, Summarize, Fix Grammar, and More

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Host Permissions:

Embedded URLs (26 total):

Raw Manifest

Detections

Manifest Findings