ExtSafe

Signer.Digital Digital Signature, PKISecurity Analysis

Chromev5.1.2MV3February 16, 2026 at 03:37 PM
9.5CRITICAL
9.5 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 3 permissions including high-risk ones, 14 code findings, 1 dangerous combination.

Dangerous Combinations(1)

CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern
Permissions
10.0/10
Code
9.4/10
Combinations
10.0/10
Manifest/CSP
7.0/10

Permissions(3 analyzed)

Code Findings(11 patterns, 14 total)

Content Security Policy

CSP Present(1 issue)
LOW
object-srcobject-src not restricted

object-src is not set to 'none'. Plugins like Flash can be embedded, which may allow code execution.

Manifest Analysis(3 findings)

HIGH
web_accessible_resourcesJS files exposed to web pages

JavaScript files are accessible to ALL websites. Any page can load and interact with these scripts, enabling web→extension attacks.

MEDIUM
web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

MEDIUM
content_scriptsContent script injected on all URLs

Content script matches <all_urls>, executing on every website the user visits.

External Domains(4)

downloads.signer.digitalsigner.digitalstackoverflow.comweb.signer.digital

Indicators of Compromise

11 indicators of compromise found

File Statistics

13
Total Files
4
JS Files
85.8 KB
Total Size

Other Scanned Extensions

Urban VPN Proxy
8.2 CRITICAL
BrowserGPT: ChatGPT Anywhere Powered by GPT 4
8.2 CRITICAL
MyJDownloader Browser Extension
8.4 CRITICAL
__MSG_appName__
8.0 CRITICAL
HARPA AI: Web Automation with ChatGPT, Claude, Gemini, Grok
9.8 CRITICAL
Phantom
9.6 CRITICAL