ExtSafe

Ecosia - The search engine that plants treesSecurity Analysis

Chromev7.5.0MV3February 16, 2026 at 04:05 PM
4.7MEDIUM
4.7 MEDIUM

This extension shows some risk signals that are common in legitimate extensions but worth reviewing. Check the details below.

Based on 2 permissions including high-risk ones, 3 code findings, 1 dangerous combination.

Dangerous Combinations(1)

CRITICALCookie access + external network

Extension has cookie access and sends data to external servers — potential session token theft.

cookies+external network request
Permissions
7.5/10
Code
0.0/10
Combinations
10.0/10
Manifest/CSP
3.3/10

Permissions(2 analyzed)

Code Findings(3 patterns, 3 total)

Content Security Policy

No CSP Defined(1 issue)
MEDIUM
N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(1 finding)

Resolved from __MSG_* i18n placeholders:

Name: Ecosia - The search engine that plants trees

Description: This extension sets your search engine to Ecosia and customizes your new tab page so you can plant trees with every search.

LOW
externally_connectableExternal messaging enabled

Extension accepts messages from 1 external pattern(s). Verify these are trusted origins.

External Domains(1)

www.ecosia.org

Indicators of Compromise

4 indicators of compromise found

File Statistics

17
Total Files
2
JS Files
30.7 KB
Total Size

Other Scanned Extensions

Obsidian Web Clipper
4.8 MEDIUM
ProKeys
5.2 MEDIUM
Save Image As...
3.7 MEDIUM
Image downloader - Imageye
4.2 MEDIUM
uBlock Origin Lite
5.7 MEDIUM
Stream Cleaner
4.3 MEDIUM