Auto Refresh Plus | Page MonitorSecurity Analysis

Chromev8.1.0MV3February 18, 2026 at 11:43 AM

Use with caution

This extension requests significant permissions. It has 1M+ users, a 3.3 star rating, but review the findings below.

4.6MEDIUM

4.6 MEDIUMRaw: 5.7

This extension shows some risk signals that are common in legitimate extensions but worth reviewing. Check the details below.

Based on 8 permissions including high-risk ones, 123 code findings, 1 dangerous combination.

Trust Signals(4.5/10)

Users

1.0M

Rating

3.3(21K reviews)

Status

Featured

Dangerous Combinations(1)

MEDIUMTab tracking API + external communication

Extension uses tab tracking APIs (onUpdated/query) and communicates with external servers — potential browsing surveillance.

tabs+tabs API usage + external network

Permissions

6.0/10

Code

7.5/10

Combinations

4.0/10

Manifest/CSP

3.1/10

Permissions(8 analyzed)

Code Findings(15 patterns, 123 total)

Libraries(7 detected)

7 libraries detected

Content Security Policy

No CSP Defined(1 issue)

MEDIUM

N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(1 finding)

Resolved from __MSG_* i18n placeholders:

Description: Refresh the page automatically with powerful page monitor features.

MEDIUM

web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

External Domains(11)

*account.autorefresh.ioautorefresh.ioexample.comgithub.comhtml.spec.whatwg.orglh3.googleusercontent.comnodomainradix-ui.comreactjs.orgwxt.dev

Indicators of Compromise

30 indicators of compromise found

File Statistics

53

Total Files

12

JS Files

2.9 MB

Total Size

Other Scanned Extensions

Obsidian Web Clipper

Save Image As...

Image downloader - Imageye

uBlock Origin Lite