Back to skill

Security audit

Chrome Extension

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Chrome extension development guide; it covers powerful extension capabilities, but they are disclosed and aligned with that purpose.

Use this skill as a development reference, but review any generated extension for narrow host permissions, clear runtime consent, allowlisted relay destinations, and avoidance of broad CSP/header changes unless they are truly necessary. Approve git, npm, or gh commands only when they match the task you intended.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The reference shows an example manifest with `unsafe-eval` under the `extension_pages` CSP, while later text correctly states MV3 forbids relaxing `extension_pages` CSP. In a Chrome extension skill, this is dangerous because readers may copy the invalid or insecure-looking example into real projects, causing insecure design decisions or failed reviews and normalizing unsafe CSP practices.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This documentation explicitly teaches removal of the Content-Security-Policy header via declarativeNetRequest and also recommends very broad optional host permissions such as https://*/*. In a Chrome-extension skill, that guidance materially enables extensions to weaken site security boundaries and gain broad cross-origin network reach, which increases the risk of data exfiltration, session abuse, and unsafe behavior if copied into production code.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.