Is Dino 3D safe to use?

Dino 3D has a risk level of HIGH with an overall risk score of 6.0/10. Our scan detected 114 security findings. This extension has significant security concerns — review the full report before installing.

What permissions does Dino 3D request?

Dino 3D requests the following permissions: alarms, scripting, storage. It also requests host access to: .

What is Dino 3D's risk score?

Dino 3D has an overall risk score of 6.0/10 (HIGH). Breakdown: Permissions 7.0/10, Code 3.6/10, Combinations 10.0/10, CSP 4.3/10.

ExtSafe

Dino 3DSecurity Analysis

Chromev1.0.5MV3February 18, 2026 at 11:37 AM

Potentially unsafe

This extension shows concerning patterns that may indicate risky behavior. Proceed with caution.

6.0HIGH

6.0 HIGH

This extension shows significant risk signals. Review the findings below carefully before installing or continuing to use it.

Based on 4 permissions including high-risk ones, 112 code findings, 1 dangerous combination.

Trust Signals(1.0/10)

Users

20K

Rating

3.5(34 reviews)

Dangerous Combinations(1)

CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern

Permissions

7.0/10

Code

3.6/10

Combinations

10.0/10

Manifest/CSP

4.3/10

Permissions(4 analyzed)

Code Findings(16 patterns, 112 total)

Content Security Policy

No CSP Defined(1 issue)

MEDIUM

N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(2 findings)

Resolved from __MSG_* i18n placeholders:

Name: Dino 3D

Description: Experience the Prehistoric Era with Dino 3D - Your Favorite Easter Egg Game in 3D Form!

MEDIUM

web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

MEDIUM

content_scriptsContent script injected on all URLs

Content script matches <all_urls>, executing on every website the user visits.

External Domains(108)

airtight.ccalmarklein.orgalteredqualia.comartmartinsh.blogspot.comblenderartists.orgblog.thejit.orgbugs.chromium.orgcharliehoey.comclara.ioclicktorelease.comcode.google.comcodepen.iocolinbarrebrisebois.comcomputergraphics.stackexchange.comcreativecommons.orgdaron1337.github.iodev.w3.orgdeveloper.download.nvidia.comdeveloper.nvidia.comdocs.unrealengine.comdsmu.meeduperiment.comegraether.comen.wikipedia.orgerichaines.comevanw.github.comexocortex.comfernandojsg.comgames.greggman.comgeomalgorithms.comgist.github.comgithub.comgomo.segraphics.stanford.eduhamoid.comhuwbowles.comideone.comjacksondunstan.comjohn-chapman-graphics.blogspot.comjonobr1.comjsfiddle.netjsperf.comkile.stravaganza.orgkriss.cxlearnopengl.comlighthaus.usmmikkelsen3d.blogspot.skmrdoob.commrl.nyu.edumsdn.microsoft.como3d.googlecode.compaulbakaus.compaulbourke.netpixelshaders.complattsoft.compolko.meprideout.netrastergrid.comrealitymeltdown.comreecenotes.comregex101.comseblagarde.files.wordpress.comstackoverflow.comstaffwww.itn.liu.sesunandblackcat.comtapio.github.comthreejs.orgtimothylottes.blogspot.comtobyschachman.comtwitter.comverold.comwongbryan.github.iowww.apache.orgwww.blackpawn.comwww.bobatkins.comwww.cake23.dewww.cemyuksel.comwww.chiark.greenend.org.ukwww.cis.rit.eduwww.crytek.comwww.cs.indiana.eduwww.cs.utah.eduwww.donmccurdy.comwww.euclideanspace.comwww.floorplanner.comwww.gamedev.netwww.gamerendering.comwww.geometrictools.comwww.glge.orgwww.graphics.cornell.eduwww.iquilezles.orgwww.jsantell.comwww.khronos.orgwww.lab4games.netwww.mathworks.comwww.mrdoob.comwww.okino.comwww.oodesign.comwww.paulbrunt.co.ukwww.ppsloan.orgwww.sketchpatch.netwww.threejs.org.cnwww.tonyparisi.comwww.truevision3d.comwww.twitter.comwww.widescreenmuseum.comwww.youtube.comyoutu.be