Is Redux DevTools safe to use?

Redux DevTools has a risk level of CRITICAL with an overall risk score of 8.7/10. Our scan detected 95 security findings. This extension has significant security concerns — review the full report before installing.

What permissions does Redux DevTools request?

Redux DevTools requests the following permissions: notifications, contextMenus, storage. It also requests host access to: file:///*, http://*/*, https://*/*, .

What is Redux DevTools's risk score?

Redux DevTools has an overall risk score of 8.7/10 (CRITICAL). Breakdown: Permissions 10.0/10, Code 10.0/10, Combinations 0.0/10, CSP 6.7/10.

ExtSafe

Redux DevToolsSecurity Analysis

Chromev3.2.10MV3February 16, 2026 at 01:16 PM

8.7CRITICAL

8.7 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 7 permissions including high-risk ones, 91 code findings.

Permissions

10.0/10

Code

10.0/10

Combinations

0.0/10

Manifest/CSP

6.7/10

Permissions(7 analyzed)

Code Findings(14 patterns, 91 total)

Libraries(3 detected)

3 libraries detected

Content Security Policy

CSP Present(1 issue)

LOW

object-srcobject-src not restricted

object-src is not set to 'none'. Plugins like Flash can be embedded, which may allow code execution.

Manifest Analysis(3 findings)

HIGH

content_scriptsAggressive content script injection

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

HIGH

content_scriptsAggressive content script injection

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

INFO

devtools_pageHas DevTools panel

Extension registers a DevTools panel page. DevTools extensions have access to inspected page network traffic and DOM.

External Domains(26)

atelierbram.github.iochriskempson.comchuck.harmston.chclrs.cccscorley.github.ioethanschoonover.comgit.iogithub.comhart-dev.comjcornwall.comjson-schema.orgleetless.delodash.commozilla.github.ioopenjsf.orgrailscasts.comraw.githubusercontent.comreactjs.orgredux.js.orgsethawright.comtimotheepoisot.frtybenz.comunderscorejs.orgwww.kreativekorp.comwww.lexaloffle.comwww.monokai.nl