ExtSafe

Snap&ReadSecurity Analysis

Chromev5.0.14.824MV3February 16, 2026 at 03:12 PM
9.8CRITICAL
9.8 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 26 permissions including high-risk ones, 297 code findings, 3 dangerous combinations.

Dangerous Combinations(3)

HIGHTab tracking + external communication

Extension tracks open tabs and communicates with external servers — potential browsing surveillance.

tabs+external network request
CRITICALNetwork interception + external communication

Extension intercepts network traffic and sends data externally — potential man-in-the-middle behavior.

webRequest/webRequestBlocking+external network request
CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern
Permissions
10.0/10
Code
10.0/10
Combinations
10.0/10
Manifest/CSP
8.0/10

Permissions(26 analyzed)

Code Findings(31 patterns, 297 total)

Libraries(11 detected)

11 libraries detected, 4 with known vulnerabilities

Content Security Policy

CSP Present(1 issue)
LOW
object-srcobject-src not restricted

object-src is not set to 'none'. Plugins like Flash can be embedded, which may allow code execution.

Manifest Analysis(5 findings)

HIGH
web_accessible_resourcesJS files exposed to web pages

JavaScript files are accessible to ALL websites. Any page can load and interact with these scripts, enabling web→extension attacks.

MEDIUM
web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

LOW
externally_connectableExternal messaging enabled

Extension accepts messages from 3 external pattern(s). Verify these are trusted origins.

MEDIUM
content_scriptsContent script injected on all URLs

Content script matches <all_urls>, executing on every website the user visits.

MEDIUM
content_scriptsContent script injected on all URLs

Content script matches <all_urls>, executing on every website the user visits.

External Domains(78)

${chrome.runtime.idacademy.texthelp.comapp.wordbank.ioapp.wordbank.qadji.comapp.wordbank.stagedji.comasciidoc.orgasciidoctor.orgbitbucket.orgbugs.chromium.orgbugs.jquery.combugs.webkit.orgbugzilla.mozilla.orgcdn.devdji.comcdn.donjohnston.netcitations.donjohnston.netcitations.qadji.comcitations.stagedji.comconnect.microsoft.comdapi.donjohnston.netdapi.qadji.comdapi.stagedji.comdefinition.donjohnston.netdefinition.qadji.comdefinition.stagedji.comdiscourse.citationstyles.orgdocs.microsoft.comdoi.orgdrafts.csswg.orgdrive.google.comemscripten.orgen.wikipedia.orgencoding.spec.whatwg.orgforums.zotero.orggit.iogithub.comhtml.spec.whatwg.orginfra.spec.whatwg.orgjquery.comjquery.orgjsperf.comlogin.donjohnston.netlogin.qadji.comlogin.stagedji.commarkjs.ionarwhaljs.orgns.adobe.comopensource.orgorbit-kit-client-dev-mc.texthelp.devorbit.texthelp.comorbitnote-stg.dev.texthelp.compdfmake.orgpromisesaplus.compurl.orgsnapandread.comsnapandread.qadji.comsnapandread.stagedji.comsrc.chromium.orgstackoverflow.comtc39.estc39.github.iotools.ietf.orgtranslate.donjohnston.nettranslate.google.comtranslate.qadji.comtranslate.stagedji.comtts.donjohnston.nettts.qadji.comtts.stagedji.comwiki.apache.orgwww.aiim.orgwww.alistapart.comwww.apache.orgwww.cambridgelms.orgwww.everway.comwww.gnu.orgwww.google-analytics.comwww.npmjs.comwww.unicode.org

Indicators of Compromise

60 indicators of compromise found

File Statistics

243
Total Files
94
JS Files
116.9 MB
Total Size

Other Scanned Extensions

Urban VPN Proxy
8.2 CRITICAL
BrowserGPT: ChatGPT Anywhere Powered by GPT 4
8.2 CRITICAL
MyJDownloader Browser Extension
8.4 CRITICAL
__MSG_appName__
8.0 CRITICAL
HARPA AI: Web Automation with ChatGPT, Claude, Gemini, Grok
9.8 CRITICAL
Phantom
9.6 CRITICAL