Is __MSG_name__ safe to use?

__MSG_name__ has a risk level of MEDIUM with an overall risk score of 4.2/10. Our scan detected 11 security findings. This extension has some risks worth reviewing.

What permissions does __MSG_name__ request?

__MSG_name__ requests the following permissions: management, nativeMessaging, tabs, scripting. It also requests host access to: .

What is __MSG_name__'s risk score?

__MSG_name__ has an overall risk score of 4.2/10 (MEDIUM). Breakdown: Permissions 8.5/10, Code 6.3/10, Combinations 0.0/10, CSP 3.9/10.

ExtSafe

__MSG_name__Security Analysis

Chromev3.2.12MV3February 18, 2026 at 11:41 AM

Use with caution

This extension requests significant permissions. It has 3M+ users, is published by PF SKB KONTUR, AO, but review the findings below.

4.2MEDIUM

4.2 MEDIUMRaw: 5.3

This extension shows some risk signals that are common in legitimate extensions but worth reviewing. Check the details below.

Based on 5 permissions including high-risk ones, 6 code findings.

Trust Signals(4.3/10)

Users

3.0M

Rating

4.0(20 reviews)

Developer

PF SKB KONTUR, AO

Permissions

8.5/10

Code

6.3/10

Combinations

0.0/10

Manifest/CSP

3.9/10

Permissions(5 analyzed)

Code Findings(4 patterns, 6 total)

Content Security Policy

No CSP Defined(1 issue)

MEDIUM

N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(1 finding)

HIGH

content_scriptsAggressive content script injection

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

External Domains(3)

addons.opera.comchromewebstore.google.commicrosoftedge.microsoft.com

Indicators of Compromise

7 indicators of compromise found

File Statistics

Total Files

JS Files

24.6 KB

Total Size

Other Scanned Extensions

Image downloader - Imageye