ExtSafe

e-Tax APSecurity Analysis

Chromev3.0.3.2MV3February 16, 2026 at 03:19 PM
9.2CRITICAL
9.2 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 36 permissions including high-risk ones, 14 code findings, 1 dangerous combination.

Dangerous Combinations(1)

CRITICALNative messaging + dynamic code execution

Extension communicates with native apps and executes dynamic code — potential sandbox escape vector.

nativeMessaging+eval/Function/dynamic code
Permissions
10.0/10
Code
9.9/10
Combinations
10.0/10
Manifest/CSP
2.6/10

Permissions(36 analyzed)

Code Findings(4 patterns, 14 total)

Content Security Policy

No CSP Defined(1 issue)
MEDIUM
N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(0 findings)

No manifest-level concerns found.

Indicators of Compromise

8 indicators of compromise found

File Statistics

7
Total Files
2
JS Files
86.5 KB
Total Size

Other Scanned Extensions

Urban VPN Proxy
8.2 CRITICAL
BrowserGPT: ChatGPT Anywhere Powered by GPT 4
8.2 CRITICAL
MyJDownloader Browser Extension
8.4 CRITICAL
__MSG_appName__
8.0 CRITICAL
HARPA AI: Web Automation with ChatGPT, Claude, Gemini, Grok
9.8 CRITICAL
Phantom
9.6 CRITICAL