Scan summary
7.0
HIGH
7.0
Risk Score
3
Findings
0
Vulnerabilities
0
Malicious Domains
CRITICAL 1 rule
CSP Header Removal (declarativeNetRequest) background.js:1 × 1
REMOVES Content-Security-Policy header - CONFIRMED MALWARE TECHNIQUE that enables remote code execution
REMOVES Content-Security-Policy header - CONFIRMED MALWARE TECHNIQUE that enables remote code execution
HIGH 2 rules
Tab URL to Network Sink background.js:1 × 1
Tab URL is accessed near a network call - review if URL data flows to external server
Tab URL is accessed near a network call - review if URL data flows to external server
DNR Header Modification background.js:1 × 1
Modifies HTTP headers via DeclarativeNetRequest - can remove security headers or inject tracking
Modifies HTTP headers via DeclarativeNetRequest - can remove security headers or inject tracking