Dark ModeSecurity Analysis

Chromev0.5.4MV3February 16, 2026 at 03:54 PM

9.3CRITICAL

9.3 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 4 permissions including high-risk ones, 23 code findings, 1 dangerous combination.

Dangerous Combinations(1)

CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern

Permissions

9.0/10

Code

9.8/10

Combinations

10.0/10

Manifest/CSP

8.0/10

Permissions(4 analyzed)

Code Findings(10 patterns, 23 total)

Content Security Policy

No CSP Defined(1 issue)

MEDIUM

N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(3 findings)

HIGH

web_accessible_resourcesJS files exposed to web pages

JavaScript files are accessible to ALL websites. Any page can load and interact with these scripts, enabling web→extension attacks.

MEDIUM

web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

HIGH

content_scriptsAggressive content script injection

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

External Domains(8)

github.comjakiestfu.commjijackson.commybrowseraddon.comopensource.orgstackoverflow.comwebbrowsertools.comwww.youtube.com

Indicators of Compromise

8 indicators of compromise found

File Statistics

115

Total Files

13

JS Files

964.7 KB

Total Size

Other Scanned Extensions

Urban VPN Proxy

BrowserGPT: ChatGPT Anywhere Powered by GPT 4

MyJDownloader Browser Extension

__MSG_appName__

HARPA AI: Web Automation with ChatGPT, Claude, Gemini, Grok