ExtSafe

Web Threat ShieldSecurity Analysis

Chromev2.3.25330.1MV3February 16, 2026 at 03:17 PM
9.2CRITICAL
9.2 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 7 permissions including high-risk ones, 121 code findings, 2 dangerous combinations.

Dangerous Combinations(2)

CRITICALNetwork interception + external communication

Extension intercepts network traffic and sends data externally — potential man-in-the-middle behavior.

webRequest/webRequestBlocking+external network request
CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern
Permissions
10.0/10
Code
10.0/10
Combinations
10.0/10
Manifest/CSP
1.8/10

Permissions(7 analyzed)

Code Findings(13 patterns, 121 total)

Content Security Policy

CSP Present(1 issue)
LOW
object-srcobject-src not restricted

object-src is not set to 'none'. Plugins like Flash can be embedded, which may allow code execution.

Manifest Analysis(1 finding)

Resolved from __MSG_* i18n placeholders:

Description: Keeps you safe when browsing the web by identifying and blocking dangerous websites.

LOW
externally_connectableExternal messaging enabled

Extension accepts messages from 1 external pattern(s). Verify these are trusted origins.

External Domains(6)

*127.0.0.1answers.webroot.comsn.webrootcloudav.comwf.webrootanywhere.comwww.webroot.com

Indicators of Compromise

10 indicators of compromise found

File Statistics

66
Total Files
15
JS Files
1.6 MB
Total Size

Other Scanned Extensions

Urban VPN Proxy
8.2 CRITICAL
BrowserGPT: ChatGPT Anywhere Powered by GPT 4
8.2 CRITICAL
MyJDownloader Browser Extension
8.4 CRITICAL
__MSG_appName__
8.0 CRITICAL
HARPA AI: Web Automation with ChatGPT, Claude, Gemini, Grok
9.8 CRITICAL
Phantom
9.6 CRITICAL