ExtSafe

Wordle TimelessSecurity Analysis

Chromev1.0.3MV3February 18, 2026 at 11:38 AM
Potentially unsafe

This extension shows concerning patterns that may indicate risky behavior. Proceed with caution.

7.1HIGH
7.1 HIGH

This extension shows significant risk signals. Review the findings below carefully before installing or continuing to use it.

Based on 4 permissions including high-risk ones, 18 code findings, 1 dangerous combination.

Trust Signals(1.5/10)

Users
10K
Rating
4.2(22 reviews)

Dangerous Combinations(1)

CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern
Permissions
7.0/10
Code
6.8/10
Combinations
10.0/10
Manifest/CSP
4.3/10

Permissions(4 analyzed)

Code Findings(11 patterns, 18 total)

Content Security Policy

No CSP Defined(1 issue)
MEDIUM
N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(2 findings)

Resolved from __MSG_* i18n placeholders:

Name: Wordle Timeless

Description: Unleash Your Word Prowess: Experience Timeless Wordle Fun Offline

MEDIUM
web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

MEDIUM
content_scriptsContent script injected on all URLs

Content script matches <all_urls>, executing on every website the user visits.

External Domains(2)

github.comwordled.online

Indicators of Compromise

3 indicators of compromise found

File Statistics

15
Total Files
6
JS Files
205.8 KB
Total Size

Other Scanned Extensions

Permanent clipboard
6.2 HIGH
Snippet Manager
6.4 HIGH
1Password – Password Manager
7.4 HIGH
WebP / Avif image converter
6.3 HIGH
1Password – Password Manager
7.4 HIGH
AI Exporter: Save ChatGPT, Gemini to PDF, Word, MD and Notion
6.6 HIGH