v1.2.0 Stable Release

Verify trust in your
browser environment

A professional-grade auditing tool for Chrome extensions. Analyze permission manifests locally. Detect broad access risks. Zero data exfiltration.

Add to Chrome View Documentation
Local Processing Open Source No Tracking

The Blind Spot in Your Browser

Silent Access Expansion

Extensions often request <all_urls> permission, granting read/write access to every page you visit—including banking and email sessions.

Data Exfiltration Risk

Legitimate extensions can be sold to bad actors who push updates to siphon user data. Without auditing, these changes go unnoticed.

manifest.json
"permissions": [
"<all_urls>", // Critical Risk
"webRequest", // High Risk
"webRequestBlocking",
"storage"
]

Technical Security Architecture

Built with a defense-in-depth approach. We optimize for transparency, not interference.

Local Execution

The analysis engine runs entirely within the extension popup context. No data is serialized or transmitted to any remote server.

Weighted Scoring

Permissions are mapped to a deterministic risk score (0-100). We normalize weights based on the principle of least privilege.

Data Isolation

We do not use analytics, crash reporting, or third-party scripts. Your extension inventory remains private to your local machine.

Zero-Knowledge Commitment

No Analytics
No Tracking
No Ads
No Cloud DB

Read our full Privacy Policy and Security Model.