HARPA AI: Web Automation with ChatGPT, Claude, Gemini, GrokSecurity Analysis

Extension has cookie access and sends data to external servers — potential session token theft.

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

Creates functions from strings, similar to eval(), often used to hide malicious code.

Dynamically creates script elements, potentially loading external malicious code.

Uses eval() to execute dynamic code, a common technique for obfuscation and code injection.

Listens for keyboard events, a common technique used by keyloggers.

Dynamically sets a script's src attribute to load external code at runtime.

Reads clipboard contents via the Clipboard API — can access copied passwords, crypto addresses, or sensitive data.

Accesses browser cookies programmatically, could be used to steal session tokens.

Injects and executes scripts in web pages programmatically.

Creates a function from a string (new Function()), similar to eval().

Uses eval() to execute dynamic code — a common vector for code injection.

JavaScript files are accessible to ALL websites. Any page can load and interact with these scripts, enabling web→extension attacks.

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

Extension tracks open tabs and communicates with external servers — potential browsing surveillance.

Decodes base64 data, commonly used to hide malicious payloads.

Modifies window.location to redirect the user, potentially to phishing or malicious pages.

Uses XMLHttpRequest to make network calls.

Opens WebSocket connections, which can be used for persistent command-and-control channels.

Makes HTTP requests to external servers, may be used for data exfiltration.

Sends messages via Chrome runtime, could communicate with external services.

Dynamically creates iframe elements, which can be used to load external content or hide malicious UI.

Intercepts form submissions, could capture login credentials.

JavaScript file could not be parsed. May contain obfuscated or minified code.

Opens a WebSocket connection, which can be used for persistent C2 channels.

Line exceeds 5000 characters (entropy: 5.557455409411618)

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

Encodes data to base64, may be used for data exfiltration.

Creates a Web Worker, which runs code in a separate thread — can be used for background computation or crypto mining.

Sets innerHTML directly, which can lead to XSS if used with untrusted data.

Reads or writes to localStorage, which may contain sensitive site data.

object-src is not set to 'none'. Plugins like Flash can be embedded, which may allow code execution.

vs/editor/editor.main.js

pp-libs.js