ExtSafe

Google Dictionary (by Google)Security Analysis

Chromev4.2.6MV3February 16, 2026 at 03:14 PM
9.1CRITICAL
9.1 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 2 permissions including high-risk ones, 20 code findings, 1 dangerous combination.

Dangerous Combinations(1)

CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern
Permissions
9.0/10
Code
9.8/10
Combinations
10.0/10
Manifest/CSP
5.9/10

Permissions(2 analyzed)

Code Findings(10 patterns, 20 total)

Libraries(2 detected)

2 libraries detected, 1 with known vulnerabilities

Content Security Policy

No CSP Defined(1 issue)
MEDIUM
N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(2 findings)

MEDIUM
web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

MEDIUM
content_scriptsContent script injected on all URLs

Content script matches <all_urls>, executing on every website the user visits.

External Domains(6)

dictionaryextension-pa.googleapis.comgithub.comissues.apache.orgsupport.google.comtranslate.google.comwww.google-analytics.com

Indicators of Compromise

7 indicators of compromise found

File Statistics

23
Total Files
6
JS Files
99.1 KB
Total Size

Other Scanned Extensions

Urban VPN Proxy
8.2 CRITICAL
BrowserGPT: ChatGPT Anywhere Powered by GPT 4
8.2 CRITICAL
MyJDownloader Browser Extension
8.4 CRITICAL
__MSG_appName__
8.0 CRITICAL
HARPA AI: Web Automation with ChatGPT, Claude, Gemini, Grok
9.8 CRITICAL
Phantom
9.6 CRITICAL