ExtSafe

Emojet - Emoji KeyboardSecurity Analysis

Chromev1.0.5MV3February 18, 2026 at 11:34 AM
Potentially unsafe

This extension shows concerning patterns that may indicate risky behavior. Proceed with caution.

6.8HIGH
6.8 HIGHRaw: 7.6

This extension shows significant risk signals. Review the findings below carefully before installing or continuing to use it.

Based on 4 permissions including high-risk ones, 12 code findings, 1 dangerous combination.

Trust Signals(2.0/10)

Users
10K
Rating
5.0(28 reviews)

Dangerous Combinations(1)

CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern
Permissions
7.0/10
Code
8.2/10
Combinations
10.0/10
Manifest/CSP
3.9/10

Permissions(4 analyzed)

Code Findings(10 patterns, 12 total)

Content Security Policy

No CSP Defined(1 issue)
MEDIUM
N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(1 finding)

Resolved from __MSG_* i18n placeholders:

Name: Emojet - Emoji Keyboard

Description: Emojet: Discover, Copy, Insert, and Recall Emojis; Supports Latest Unicode Standard.

HIGH
content_scriptsAggressive content script injection

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

External Domains(3)

github.comnpms.ioreactjs.org

Indicators of Compromise

11 indicators of compromise found

File Statistics

75
Total Files
3
JS Files
1.6 MB
Total Size

Other Scanned Extensions

Permanent clipboard
6.2 HIGH
Snippet Manager
6.4 HIGH
1Password – Password Manager
7.4 HIGH
WebP / Avif image converter
6.3 HIGH
1Password – Password Manager
7.4 HIGH
AI Exporter: Save ChatGPT, Gemini to PDF, Word, MD and Notion
6.6 HIGH