ExtSafe

AIPRM for ChatGPTSecurity Analysis

Chromev1.3.12.12MV3February 16, 2026 at 04:05 PM
8.6CRITICAL
8.6 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 6 permissions including high-risk ones, 128 code findings, 1 dangerous combination.

Dangerous Combinations(1)

CRITICALNetwork interception + external communication

Extension intercepts network traffic and sends data externally — potential man-in-the-middle behavior.

webRequest/webRequestBlocking+external network request
Permissions
8.0/10
Code
10.0/10
Combinations
10.0/10
Manifest/CSP
5.0/10

Permissions(6 analyzed)

Code Findings(12 patterns, 128 total)

Content Security Policy

No CSP Defined(1 issue)
MEDIUM
N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(2 findings)

MEDIUM
web_accessible_resourcesJS files exposed to web pages

JavaScript files are exposed as web-accessible resources. Matched websites can load and interact with extension scripts.

LOW
externally_connectableExternal messaging enabled

Extension accepts messages from 1 external pattern(s). Verify these are trusted origins.

External Domains(21)

api.aiprm.comapp.aiprm.comchat.openai.comchatgpt.comcode.google.comdev-api.aiprm.comdev-app.aiprm.comforum.aiprm.comgithub.comlrt.limobile.slate.comschema.orgsearchfox.orgstatic.aiprm.comstatus.aiprm.comtest-api.aiprm.comtest-app.aiprm.comversion.aiprm.comwww.aiprm.comwww.apache.orgwww.example.com

Indicators of Compromise

6 indicators of compromise found

File Statistics

45
Total Files
22
JS Files
941.4 KB
Total Size

Other Scanned Extensions

Urban VPN Proxy
8.2 CRITICAL
BrowserGPT: ChatGPT Anywhere Powered by GPT 4
8.2 CRITICAL
MyJDownloader Browser Extension
8.4 CRITICAL
__MSG_appName__
8.0 CRITICAL
HARPA AI: Web Automation with ChatGPT, Claude, Gemini, Grok
9.8 CRITICAL
Phantom
9.6 CRITICAL