Is Translator safe to use?

Translator has a risk level of MEDIUM with an overall risk score of 4.4/10. Our scan detected 35 security findings. This extension has some risks worth reviewing.

What permissions does Translator request?

Translator requests the following permissions: tabs, activeTab, contextMenus, storage. It also requests host access to: .

What is Translator's risk score?

Translator has an overall risk score of 4.4/10 (MEDIUM). Breakdown: Permissions 7.0/10, Code 2.6/10, Combinations 10.0/10, CSP 3.1/10.

ExtSafe

TranslatorSecurity Analysis

Chromev2.0.2MV3March 11, 2026 at 01:21 AM

Use with caution

This extension requests significant permissions. It has 100K+ users, a 4.5 star rating, is published by Curly Doggo Limited, but review the findings below.

4.4MEDIUM

4.4 MEDIUMRaw: 5.5

This extension shows some risk signals that are common in legitimate extensions but worth reviewing. Check the details below.

Based on 5 permissions including high-risk ones, 33 code findings, 1 dangerous combination.

Trust Signals(4.5/10)

Users

100K

Rating

4.5(187 reviews)

Developer

Curly Doggo Limited

Status

Featured

Dangerous Combinations(1)

CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern

Permissions

7.0/10

Code

2.6/10

Combinations

10.0/10

Manifest/CSP

3.1/10

Permissions(5 analyzed)

Code Findings(11 patterns, 33 total)

Libraries(1 detected)

1 library detected

Content Security Policy

No CSP Defined(1 issue)

MEDIUM

N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(1 finding)

Resolved from __MSG_* i18n placeholders:

Name: Translator

Description: Right click to translate websites and PDF documents using Google Translate

MEDIUM

content_scriptsContent script injected on all URLs

Content script matches <all_urls>, executing on every website the user visits.

External Domains(33)

api2.mytranslator.appbugs.chromium.orgbugzilla.mozilla.orgcaniuse.comcode.google.comdev.todevelop.sentry.devdeveloper.microsoft.comdevelopers.facebook.comdevelopers.google.comdocs.google.comelectronjs.orgfetch.spec.whatwg.orggithub.comhtml.spec.whatwg.orginfra.spec.whatwg.orglocalhostmodernizr.comreactjs.orgsemver.orgstackoverflow.comtools.ietf.orgtranslate.google.comurl.spec.whatwg.orgv8.devw3c.github.iowebidl.spec.whatwg.orgwww.andismith.comwww.example.comwww.owasp.orgwww.quirksmode.orgwww.thespanner.co.ukwww.whatwg.org