ExtSafe

Dark Mode - Dark Reader for СhromeSecurity Analysis

Chromev1.4.15MV3February 16, 2026 at 02:55 PM
9.2CRITICAL
9.2 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 4 permissions including high-risk ones, 18 code findings, 1 dangerous combination.

Dangerous Combinations(1)

CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern
Permissions
9.0/10
Code
9.9/10
Combinations
10.0/10
Manifest/CSP
6.7/10

Permissions(4 analyzed)

Code Findings(10 patterns, 18 total)

Libraries(1 detected)

1 library detected, 1 with known vulnerabilities

Content Security Policy

No CSP Defined(1 issue)
MEDIUM
N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(2 findings)

Resolved from __MSG_* i18n placeholders:

Name: Dark Mode - Dark Reader for Сhrome

Description: Dark Mode a classic dark theme for every website. Switch website to dark reader and for night and daily browsing.

MEDIUM
web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

HIGH
content_scriptsAggressive content script injection

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

External Domains(1)

github.com

Indicators of Compromise

39 indicators of compromise found

File Statistics

72
Total Files
6
JS Files
1.5 MB
Total Size

Other Scanned Extensions

Urban VPN Proxy
8.2 CRITICAL
BrowserGPT: ChatGPT Anywhere Powered by GPT 4
8.2 CRITICAL
MyJDownloader Browser Extension
8.4 CRITICAL
__MSG_appName__
8.0 CRITICAL
HARPA AI: Web Automation with ChatGPT, Claude, Gemini, Grok
9.8 CRITICAL
Phantom
9.6 CRITICAL