Overview
Extension Auditor is a powerful browser extension that helps users understand and evaluate the security implications of their installed browser extensions. We are committed to protecting your privacy and ensuring that our extension operates with minimal permissions while providing maximum security benefits.
Data Collection & Privacy Focus
What We Analyze
- Installed extensions and their metadata
- Extension permissions and their security implications
- Host access patterns and potential privacy risks
- Content script interactions with web pages
- Extension manifest settings and security practices
- Combined risk assessment based on multiple security factors
Privacy Commitment
Extension Auditor runs entirely in your browser and does not:
- Collect any personal data
- Send data to external servers
- Modify any other extensions
- Modify webpage content
- Track browsing history or behavior
- Store any data outside your browser
Required Permissions
Extension Auditor requires specific permissions to provide its security analysis features. Each permission serves a distinct purpose:
Core Permissions
management
: Essential for accessing information about installed extensions, including their manifests, permissions, and settingsstorage
: Stores your preferences and analysis results locally in your browserunlimitedStorage
: Ensures we can store comprehensive analysis data without size limitations
User Interface Permissions
sidePanel
: Powers our convenient side panel interface for quick access to security insightscontextMenus
: Enables right-click menu options for quick access to extension featuresnotifications
: Allows us to alert you about important security findings or extension status changes
Functionality Permissions
commands
: Enables keyboard shortcuts for quick access to features:- Open Side Panel (Ctrl+Shift+K / Command+Shift+K)
- Open Dashboard (Ctrl+Shift+E / Command+Shift+E)
- Reload Extension (Ctrl+Shift+Y / Command+Shift+Y)
alarms
: Used for scheduling periodic security scans and updates
Security Measures
We implement strict security policies:
- Content Security Policy (CSP) restricts script and object sources to only our extension
- Minimum Chrome version requirement (v120+) ensures security features availability
- Offline functionality support for privacy-focused operation
How It Works
On-device Analysis
Extension Auditor performs all analysis locally in your browser, evaluating:
- Permission Analysis: Evaluates permissions and their security implications
- Host Access: Identifies broad host permissions that could pose privacy risks
- Content Script Analysis: Examines how extensions interact with web pages
- Manifest Analysis: Reviews extension manifest settings for security best practices
- Combined Risk Assessment: Calculates overall risk based on multiple security factors
Risk Classification
- Critical: Highly sensitive permissions or combinations that could be dangerous if misused
- High: Permissions that could potentially be used maliciously
- Medium: Permissions that require caution as they provide significant capabilities
- Low: Permissions with limited potential for misuse
Contact Us
If you have any questions about our privacy policy or security practices, please contact us at support@extensionauditor.com