ExtSafe

Umbra Dark ModeSecurity Analysis

Chromev1.0.3MV3February 18, 2026 at 11:34 AM
Use with caution

This extension requests significant permissions. It has 10K+ users, but review the findings below.

5.0MEDIUM
5.0 MEDIUMRaw: 5.6

This extension shows some risk signals that are common in legitimate extensions but worth reviewing. Check the details below.

Based on 5 permissions including high-risk ones, 18 code findings.

Trust Signals(2.8/10)

Users
10K
Rating
3.8(30 reviews)
Status
Featured
Permissions
7.0/10
Code
7.8/10
Combinations
0.0/10
Manifest/CSP
5.0/10

Permissions(5 analyzed)

Code Findings(12 patterns, 18 total)

Content Security Policy

No CSP Defined(1 issue)
MEDIUM
N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(2 findings)

Resolved from __MSG_* i18n placeholders:

Name: Umbra Dark Mode

Description: Experience the Elegance of Umbra: Seamless Dark Mode for Enhanced Browsing

HIGH
web_accessible_resourcesJS files exposed to web pages

JavaScript files are accessible to ALL websites. Any page can load and interact with these scripts, enabling web→extension attacks.

MEDIUM
web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

External Domains(2)

github.comnpms.io

Indicators of Compromise

11 indicators of compromise found

File Statistics

72
Total Files
5
JS Files
1.2 MB
Total Size

Other Scanned Extensions

Obsidian Web Clipper
4.8 MEDIUM
ProKeys
5.2 MEDIUM
Save Image As...
3.7 MEDIUM
Image downloader - Imageye
4.2 MEDIUM
uBlock Origin Lite
5.7 MEDIUM
Stream Cleaner
4.3 MEDIUM