Permanent clipboardSecurity Analysis

Extension reads clipboard and communicates externally — potential credential or crypto address theft.

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

Creates functions from strings, similar to eval(), often used to hide malicious code.

Injects and executes scripts in web pages programmatically.

Listens for keyboard events, a common technique used by keyloggers.

Dynamically sets a script's src attribute to load external code at runtime.

Creates a function from a string (new Function()), similar to eval().

Decodes base64 data, commonly used to hide malicious payloads.

Sends messages via Chrome runtime, could communicate with external services.

Modifies window.location to redirect the user, potentially to phishing or malicious pages.

JavaScript file could not be parsed and has high entropy. May contain obfuscated code.

Line exceeds 5000 characters (entropy: 5.3353323248291895)

Extension uses tab tracking APIs (onUpdated/query) and communicates with external servers — potential browsing surveillance.

Encodes data to base64, may be used for data exfiltration.

Reads or writes to localStorage, which may contain sensitive site data.

object-src is not set to 'none'. Plugins like Flash can be embedded, which may allow code execution.