Is QuillBot: AI Writing and Grammar Checker Tool safe to use?

QuillBot: AI Writing and Grammar Checker Tool has a risk level of CRITICAL with an overall risk score of 10.0/10. Our scan detected 332 security findings. This extension has significant security concerns — review the full report before installing.

What permissions does QuillBot: AI Writing and Grammar Checker Tool request?

QuillBot: AI Writing and Grammar Checker Tool requests the following permissions: alarms, cookies, storage, activeTab, contextMenus, notifications, scripting, sidePanel. It also requests host access to: *://*/*, https://quillbot.com/, https://quillbot.com/*, https://docs.google.com/document/*, https://docs.google.com/presentation/*, https://chatgpt.com/*, https://gemini.google.com/*, *://*.wordpress.com/*, *://mail.google.com/*, .

What is QuillBot: AI Writing and Grammar Checker Tool's risk score?

QuillBot: AI Writing and Grammar Checker Tool has an overall risk score of 10.0/10 (CRITICAL). Breakdown: Permissions 10.0/10, Code 10.0/10, Combinations 10.0/10, CSP 10.0/10.

ExtSafe

QuillBot: AI Writing and Grammar Checker ToolSecurity Analysis

Chromev4.62.0MV3February 16, 2026 at 03:23 PM

10.0CRITICAL

10.0 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 18 permissions including high-risk ones, 320 code findings, 2 dangerous combinations.

Dangerous Combinations(2)

CRITICALCookie access + external network

Extension has cookie access and sends data to external servers — potential session token theft.

cookies+external network request

CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern

Permissions

10.0/10

Code

10.0/10

Combinations

10.0/10

Manifest/CSP

10.0/10

Permissions(18 analyzed)

Code Findings(29 patterns, 320 total)

Libraries(1 detected)

1 library detected

Content Security Policy

CSP Present(1 issue)

LOW

object-srcobject-src not restricted

object-src is not set to 'none'. Plugins like Flash can be embedded, which may allow code execution.

Manifest Analysis(15 findings)

Resolved from __MSG_* i18n placeholders:

Name: QuillBot: AI Writing and Grammar Checker Tool

Description: Elevate your writing with QuillBot's AI-powered productivity tools: Grammar Checker, Paraphrasing Tool, AI writer, and more!

HIGH

web_accessible_resourcesJS files exposed to web pages

JavaScript files are accessible to ALL websites. Any page can load and interact with these scripts, enabling web→extension attacks.

MEDIUM

web_accessible_resources.matchesOverly broad match patterns