SafeExtensions scans installed Chrome extensions locally to surface privacy risks. All analysis stays on-device with transparent, deterministic logic.
- Load unpacked: open chrome://extensions, enable Developer mode, choose this folder.
- Click the toolbar icon to run a scan and view scores.
- Disable or uninstall risky extensions directly from the popup.
| Feature | Description | Status |
|---|---|---|
| Local scanning | Analyzes installed extensions without sending data out | ✅ |
| Risk scoring | 0-10 score with severity badges | ✅ |
| Permission and host review | Flags dangerous permissions and broad host access | ✅ |
| Tracker checks | Detects known tracker domains | ✅ |
| Actions | Disable or uninstall from the popup | ✅ |
| CSV export | Download scan summaries | ✅ |
| IndexedDB storage | Persists scan results locally | ✅ |
| Onboarding tour | Guided first-run walkthrough in popup | ✅ |
| Safety disclaimer | Built-in disclaimer modal for risk interpretation | ✅ |
management: read installed extension metadata for local analysisstorage: save scan results and onboarding state locally
- More fingerprinting and network heuristics
- Automated tests for risk rules and UI
- Store listing assets and release automation
- Optional TypeScript and linting/formatting configs
- No telemetry: nothing is tracked or sent anywhere
- No remote calls: works fully offline
- 100% local analysis & storage: all data stays on your device
Want to contribute? see docs/CONTRIBUTING.md for guidelines focused on privacy-first, readable, auditable changes.
This project is licensed under the Mozilla Public License 2.0 (MPL-2.0). See LICENSE.
Support: Open an issue at https://github.com/CSroseX/SafeExtensions/issues