Extension Auditor
Extension Auditor
Sign Up

Terms of Service

Our terms of service

Terms of Service

Last updated: May 7, 2026

Welcome to Extension Auditor. These Terms of Service ("Terms") govern your access to and use of the website and services available at extensionauditor.com (collectively, the "Service"), operated by Alpha CISO Pte. Ltd. ("we", "us", "our"). By accessing or using the Service, you agree to be bound by these Terms. If you do not agree to these Terms, please do not access or use the Service.

1. Acceptance of Terms

By creating an account, accessing, or otherwise using the Service, you confirm that you have read, understood, and agree to be bound by these Terms. If you are using the Service on behalf of an organization, you represent and warrant that you have authority to bind that organization to these Terms.

2. Eligibility

You must be at least eighteen (18) years old to access or use the Service. By using the Service, you represent and warrant that you are at least eighteen (18) years old and that you have the legal capacity to enter into a binding contract under the laws of your jurisdiction. The Service is not directed at, and we do not knowingly collect personal information from, individuals under the age of 18.

3. Description of Service

Extension Auditor is a security analysis platform that scans browser extensions distributed through public marketplaces (including but not limited to the Chrome Web Store) and produces security assessments based on technical signals derived from public listings, manifest files, code patterns, and publisher metadata. The Service may include:

  • Automated risk classification and scoring of browser extensions
  • Permission and host-access analysis
  • Publisher identity and verification analysis
  • Continuous monitoring and change detection for selected extensions
  • API access to analysis results
  • Enterprise integrations with workplace identity and device-management systems

We may modify, suspend, or discontinue any portion of the Service at any time, with or without notice.

4. Account Registration and Security

To access certain features of the Service, you must create an account.

  • Accuracy of Information. You agree to provide accurate, current, and complete information during registration and to keep that information updated.
  • Account Security. You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. You must promptly notify us of any unauthorized use of your account.
  • One Account Per User. You may not create or maintain multiple accounts to evade rate limits, billing limits, or enforcement actions taken against another account.

5. Acceptable Use

You agree to use the Service only for lawful purposes and in accordance with these Terms. In particular, you agree to:

  • Comply with all applicable laws and regulations in your use of the Service
  • Use the Service only for security research, consumer protection, internal security operations, or related lawful purposes
  • Respect the confidentiality of any non-public information made available to you through enterprise integrations
  • Accept responsibility for all activities that occur through your use of the Service

6. Prohibited Activities

You agree that you will not, and will not permit any third party acting on your behalf to:

  • Reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, algorithms, or trade secrets of the Service, except to the extent that such restriction is prohibited by applicable law
  • Use the Service to develop, train, or improve any competing extension-analysis or risk-scoring product
  • Bypass, disable, or circumvent any rate limits, access controls, authentication mechanisms, or technical protection measures of the Service
  • Resell, sublicense, redistribute, or commercially exploit the Service, scan reports, or API output without our prior written consent
  • Submit, transmit, or upload any virus, malware, ransomware, spyware, or other malicious code through the Service
  • Submit content that is unlawful, defamatory, infringing, harassing, hateful, or otherwise objectionable
  • Use the Service to harass, defame, threaten, or violate the privacy or rights of any individual or organization
  • Use the Service in violation of any applicable export-control law or sanctions regime
  • Misrepresent your identity or affiliation when filing removal, takedown, correction, or other requests with us
  • Scrape, crawl, or extract data from the Service in a manner that exceeds documented API rate limits or that places undue load on our infrastructure
  • Use the Service to conduct unauthorized security testing of any third-party system, network, or extension

We reserve the right to investigate and take appropriate action — including suspending or terminating your account, removing content, and reporting to law enforcement — against anyone who, in our sole discretion, violates this section.

7. User-Generated Content

If you submit content to the Service — including but not limited to feedback, support tickets, comments, suggestions, bug reports, screenshots, or extension identifiers (collectively, "User Content") — you grant Alpha CISO Pte. Ltd. a worldwide, non-exclusive, royalty-free, sublicensable, and transferable license to use, reproduce, display, modify, and distribute that User Content for the purpose of operating, improving, and promoting the Service.

You represent and warrant that:

  • You own or have the necessary rights to the User Content you submit
  • The User Content does not infringe the intellectual property, privacy, or other rights of any third party
  • The User Content does not contain confidential information you are not authorized to disclose
  • The User Content complies with our Acceptable Use and Prohibited Activities provisions

We do not claim ownership of your User Content, and we do not undertake to monitor or review user-submitted content except as we determine appropriate.

8. Privacy and Data Collection

Your use of the Service is also governed by our Privacy Policy and Cookie Policy, which explain how we collect, use, and protect personal information. By using the Service, you consent to the collection and use of information as described in those policies.

9. Intellectual Property

9.1 Our Intellectual Property

The Service, including all related software, designs, content, scoring methodology, and aggregated analysis output, is owned by Alpha CISO Pte. Ltd. or its licensors and is protected by copyright, trademark, trade secret, and other intellectual property laws. We grant you a limited, non-exclusive, non-transferable, revocable license to access and use the Service in accordance with these Terms. All rights not expressly granted are reserved.

9.2 Third-Party Trademarks and Content

All trademarks, service marks, trade names, logos, product names, and brand identifiers referenced on Extension Auditor are the property of their respective owners. References to extensions, publishers, browsers, or platforms are nominative — that is, they identify the product being reviewed and do not imply any affiliation, sponsorship, or endorsement by the owner of the mark.

In particular:

  • "Chrome", "Chrome Web Store", "Google", and the Chrome logo are trademarks of Google LLC. Extension Auditor is not affiliated with, endorsed by, or sponsored by Google LLC.
  • Extension names, icons, and screenshots displayed on scan pages are sourced from the public Chrome Web Store listings of the extensions reviewed and are used for the purpose of identifying the product being analyzed.

To report alleged misuse of a trademark, or to request removal of an extension's logo or screenshots from a scan page, please see our Removals & Takedowns policy.

10. Disclaimer of Warranties

The Service is provided "AS IS" and "AS AVAILABLE", without warranties of any kind, whether express, implied, statutory, or otherwise. To the maximum extent permitted by applicable law, we disclaim all warranties, including but not limited to warranties of merchantability, fitness for a particular purpose, non-infringement, and any warranties arising out of course of dealing or usage of trade.

In particular, and without limiting the foregoing:

  • No Guarantee of Vulnerability Detection. While we strive to provide accurate security assessments, we do not warrant that scan reports identify all security risks in any extension, that any extension is free from vulnerabilities, or that the Service will detect every change in an extension's behavior or supply chain.
  • No Guarantee of Accuracy. Risk classifications, scores, and other analysis output reflect our automated assessment based on technical signals available at the time of analysis. They are opinions, not statements of fact about the extensions or their developers, and they may not reflect every relevant factor.
  • No Guarantee of Availability. We do not warrant that the Service will be uninterrupted, error-free, secure, or free from viruses, worms, or other harmful components.
  • Reliance. You should not rely solely on Extension Auditor's analysis when making security decisions about high-risk or sensitive deployments. We recommend independent verification, manual review, and the use of complementary security controls.

11. Limitation of Liability

To the maximum extent permitted by applicable law:

  • No Indirect Damages. In no event shall Alpha CISO Pte. Ltd., its affiliates, officers, directors, employees, agents, or licensors be liable for any indirect, incidental, special, consequential, exemplary, or punitive damages, including but not limited to damages for loss of profits, revenue, goodwill, data, or business opportunities, arising out of or in connection with your use of, or inability to use, the Service, regardless of the legal theory on which the claim is based and even if we have been advised of the possibility of such damages.
  • Aggregate Cap. Our total aggregate liability to you for all claims arising out of or relating to these Terms or the Service, whether in contract, tort (including negligence), or otherwise, shall not exceed the greater of (a) the amount you paid to us, if any, for access to the Service in the twelve (12) months preceding the event giving rise to the claim, or (b) one hundred Singapore dollars (S$100).
  • Essential Basis. The disclaimers and limitations in these Terms are essential elements of the bargain between you and us, and we would not provide the Service in their absence.

Some jurisdictions do not allow the exclusion or limitation of certain damages; in those jurisdictions, our liability shall be limited to the maximum extent permitted by law.

12. Indemnification

You agree to indemnify, defend, and hold harmless Alpha CISO Pte. Ltd., its affiliates, and their respective officers, directors, employees, agents, and licensors (each, an "Indemnified Party") from and against any and all claims, liabilities, damages, losses, judgments, settlements, and expenses (including reasonable attorneys' fees and costs) arising out of or in connection with:

  • Your use of the Service in violation of these Terms or applicable law
  • Your redistribution, republication, or commercial exploitation of scan reports, API output, or other Service content
  • Any User Content you submit to the Service
  • Your violation of any third-party right, including intellectual property, privacy, or publicity rights
  • Any misrepresentation made by you to us, including in a removal, takedown, correction, or counter-notice request

We reserve the right, at our own expense, to assume the exclusive defense and control of any matter otherwise subject to indemnification by you, in which event you agree to cooperate with our defense.

13. Termination

  • By You. You may terminate your account at any time by following the instructions in your account settings or by contacting us.
  • By Us. We reserve the right to suspend or terminate your access to the Service at any time, with or without notice, for any reason, including without limitation any violation of these Terms or any conduct that we believe is harmful to other users, to us, or to third parties.
  • Effect of Termination. Upon termination, your right to access and use the Service ceases immediately. Sections that by their nature should survive termination — including intellectual property, disclaimers, limitations of liability, indemnification, governing law, and these survival provisions — shall survive.

14. Governing Law and Dispute Resolution

These Terms, and any dispute arising out of or in connection with these Terms or the Service, shall be governed by and construed in accordance with the laws of the Republic of Singapore, without regard to its conflict of laws principles.

Any dispute, controversy, or claim arising out of or in connection with these Terms — including any question regarding their existence, validity, or termination — shall be referred to and finally resolved by arbitration administered by the Singapore International Arbitration Centre ("SIAC") in accordance with the Arbitration Rules of the SIAC for the time being in force, which rules are deemed to be incorporated by reference in this section. The seat of the arbitration shall be Singapore. The tribunal shall consist of one (1) arbitrator. The language of the arbitration shall be English.

Notwithstanding the foregoing, either party may seek injunctive or other equitable relief in any court of competent jurisdiction to protect its intellectual property rights or confidential information.

15. International Use and Export Control

The Service is operated from Singapore and made available globally. We make no representation that the Service is appropriate or available for use in any particular jurisdiction. You access the Service on your own initiative and are responsible for compliance with applicable local laws.

You agree to comply with all applicable export-control and sanctions laws, including those of Singapore, the European Union, the United Kingdom, and the United States. You represent and warrant that (a) you are not located in, under the control of, or a national or resident of any country or territory subject to comprehensive sanctions, and (b) you are not on any government list of prohibited or restricted parties. You agree not to use the Service in connection with any activity that would cause us to violate applicable export-control or sanctions laws.

16. Business and Enterprise Customers

If you access the Service on behalf of an organization for which the personal data of other natural persons (such as your colleagues, employees, or customers) will be processed, you may be the "controller" and we may be the "processor" with respect to that data under applicable data protection laws (including GDPR Article 28). On request, we will enter into our standard Data Processing Addendum ("DPA") with you, which forms part of these Terms when executed. To request a copy or to negotiate enterprise terms (including service-level commitments and custom indemnities), contact [email protected].

17. Entire Agreement

These Terms, together with the Privacy Policy, the Cookie Policy, the Removals & Takedowns Policy, the Scoring Methodology page, and any Data Processing Addendum or other policies referenced herein, constitute the entire agreement between you and Alpha CISO Pte. Ltd. regarding your use of the Service, and supersede all prior or contemporaneous understandings, agreements, representations, and warranties — whether written or oral — regarding the same subject matter. Any waiver of any provision of these Terms must be in writing and signed by us; failure to enforce any provision shall not constitute a waiver. If any provision is held to be unenforceable, the remaining provisions shall continue in full force and effect.

18. Changes to Terms

We may revise these Terms from time to time at our sole discretion. The most current version will always be posted on this page. If a revision is material, we will provide notice as required by applicable law — for example, by email, through the Service, or by updating the "Last updated" date at the top of this page. Your continued use of the Service after revisions become effective constitutes your acceptance of the updated Terms.

19. Contact Information

For questions about these Terms, please contact us: