Is WhatFont safe to use?

WhatFont has a risk level of MEDIUM with an overall risk score of 5.1/10. Our scan detected 25 security findings. This extension has some risks worth reviewing.

What permissions does WhatFont request?

WhatFont requests the following permissions: activeTab, scripting.

What is WhatFont's risk score?

WhatFont has an overall risk score of 5.1/10 (MEDIUM). Breakdown: Permissions 3.0/10, Code 10.0/10, Combinations 0.0/10, CSP 2.6/10.

ExtSafe

WhatFontSecurity Analysis

Chromev3.2.0MV3February 16, 2026 at 03:38 PM

5.1MEDIUM

5.1 MEDIUM

This extension shows some risk signals that are common in legitimate extensions but worth reviewing. Check the details below.

Based on 2 permissions analyzed, 24 code findings.

Permissions

3.0/10

Code

10.0/10

Combinations

0.0/10

Manifest/CSP

2.6/10

Permissions(2 analyzed)

Code Findings(6 patterns, 24 total)

Libraries(1 detected)

1 library detected

Content Security Policy

No CSP Defined(1 issue)

MEDIUM

N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(0 findings)

No manifest-level concerns found.

External Domains(4)

chengyinliu.comfb.meo4506814553522176.ingest.sentry.ioreactjs.org

Indicators of Compromise

9 indicators of compromise found

File Statistics

Total Files

JS Files

2.3 MB

Total Size

Other Scanned Extensions

Image downloader - Imageye