Screenshot reader™Security Analysis

Uses eval() to execute dynamic code, a common technique for obfuscation and code injection.

Creates functions from strings, similar to eval(), often used to hide malicious code.

Object.defineProperty() called on window — can intercept and override built-in browser APIs.

Creates a function from a string (new Function()), similar to eval().

Uses eval() to execute dynamic code — a common vector for code injection.

Decodes base64 data, commonly used to hide malicious payloads.

Opens WebSocket connections, which can be used for persistent command-and-control channels.

Sends messages via Chrome runtime, could communicate with external services.

Modifies window.location to redirect the user, potentially to phishing or malicious pages.

Dynamically creates iframe elements, which can be used to load external content or hide malicious UI.

Uses XMLHttpRequest to make network calls.

Opens a WebSocket connection, which can be used for persistent C2 channels.

JavaScript file could not be parsed. May contain obfuscated or minified code.

Line exceeds 5000 characters (entropy: 5.208585822642618)

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

Content script matches <all_urls>, executing on every website the user visits.

Encodes data to base64, may be used for data exfiltration.

Reads or writes to localStorage, which may contain sensitive site data.

Sets innerHTML directly, which can lead to XSS if used with untrusted data.

Creates a Web Worker, which runs code in a separate thread — can be used for background computation or crypto mining.

Extension accepts messages from 5 external pattern(s). Verify these are trusted origins.