Extension Auditor
Extension Auditor
Sign Up
CRX Loader

CRX Loader

ID: chokhpikgifdgmfipekibjgnhhmkddon

Supported Languages

๐Ÿ‡ช๐Ÿ‡นAmharic
๐Ÿ‡ธ๐Ÿ‡ฆArabic
๐Ÿ‡ง๐Ÿ‡ฉBengali
๐Ÿ‡ง๐Ÿ‡ทBrazilian Portuguese
๐Ÿ‡ฌ๐Ÿ‡งBritish English
๐Ÿ‡ง๐Ÿ‡ฌBulgarian
๐Ÿ‡ช๐Ÿ‡ธCatalan
๐Ÿ‡จ๐Ÿ‡ณChinese (Simplified)
๐Ÿ‡น๐Ÿ‡ผChinese (Traditional)
๐Ÿ‡ญ๐Ÿ‡ทCroatian
๐Ÿ‡จ๐Ÿ‡ฟCzech
๐Ÿ‡ฉ๐Ÿ‡ฐDanish
๐Ÿ‡ณ๐Ÿ‡ฑDutch
๐Ÿ‡บ๐Ÿ‡ธEnglish
๐Ÿ‡ช๐Ÿ‡ชEstonian
๐Ÿ‡ต๐Ÿ‡ญFilipino
๐Ÿ‡ซ๐Ÿ‡ฎFinnish
๐Ÿ‡ซ๐Ÿ‡ทFrench
๐Ÿ‡ฉ๐Ÿ‡ชGerman
๐Ÿ‡ฌ๐Ÿ‡ทGreek
๐Ÿ‡ฎ๐Ÿ‡ณGujarati
๐Ÿ‡ฎ๐Ÿ‡ฑHebrew
๐Ÿ‡ฎ๐Ÿ‡ณHindi
๐Ÿ‡ญ๐Ÿ‡บHungarian
๐Ÿ‡ฎ๐Ÿ‡ฉIndonesian
๐Ÿ‡ฎ๐Ÿ‡นItalian
๐Ÿ‡ฏ๐Ÿ‡ตJapanese
๐Ÿ‡ฎ๐Ÿ‡ณKannada
๐Ÿ‡ฐ๐Ÿ‡ทKorean
๐Ÿ‡ฒ๐Ÿ‡ฝLatin American Spanish
๐Ÿ‡ฑ๐Ÿ‡ปLatvian
๐Ÿ‡ฑ๐Ÿ‡นLithuanian
๐Ÿ‡ฒ๐Ÿ‡พMalay
๐Ÿ‡ฎ๐Ÿ‡ณMalayalam
๐Ÿ‡ฎ๐Ÿ‡ณMarathi
๐Ÿ‡ณ๐Ÿ‡ดNorwegian
๐Ÿ‡ฎ๐Ÿ‡ทPersian
๐Ÿ‡ต๐Ÿ‡ฑPolish
๐Ÿ‡ต๐Ÿ‡นPortuguese
๐Ÿ‡ท๐Ÿ‡ดRomanian
๐Ÿ‡ท๐Ÿ‡บRussian
๐Ÿ‡ท๐Ÿ‡ธSerbian
๐Ÿ‡ธ๐Ÿ‡ฐSlovak
๐Ÿ‡ธ๐Ÿ‡ฎSlovenian
๐Ÿ‡ช๐Ÿ‡ธSpanish
๐Ÿ‡ฐ๐Ÿ‡ชSwahili
๐Ÿ‡ธ๐Ÿ‡ชSwedish
๐Ÿ‡ฎ๐Ÿ‡ณTamil
๐Ÿ‡ฎ๐Ÿ‡ณTelugu
๐Ÿ‡น๐Ÿ‡ญThai
๐Ÿ‡น๐Ÿ‡ทTurkish
๐Ÿ‡บ๐Ÿ‡ฆUkrainian
๐Ÿ‡บ๐Ÿ‡ธUS English
๐Ÿ‡ป๐Ÿ‡ณVietnamese

Extension Info & Metadata

Status
Active
Version
6.1.9
Size
2.70 MB
Rating
0.0/5
Reviews
0
Users
366
Type
Extension
Updated
May 30, 2026
Category
Tools
Price
Free
Featured
No
Visibility
Listed
Mature
No
By Google
No
Trusted
Yes
Download CRX
Chrome Web Store
Report Issue

Publisher Contextual Analysis

Trusted
Author
crxloader.comView Profile
Privacy
Privacy Policy
Help
Help Center
Website
Visit
Total Extensions
1
Active
1
Obsolete
0
Listed
1
Unlisted
0
Total Users
366
Screenshot 1
Screenshot 2
Screenshot 3

Install and manage Chrome extensions from CRX or ZIP files in a secure loader workspace.

Item
Type
Severity
Description
scripting
Permission
Critical
This permission allows injection and execution of JavaScript on any webpage. Rated Critical because it can modify page content, steal sensitive data, and inject malicious code into any site the extension has access to.
declarativeNetRequestWithHostAccess
Permission
Critical
This permission combines network request modification with host permissions. Rated Critical because it can modify requests for specific domains, potentially targeting sensitive websites with precise attack rules.
offscreen
Permission
High
This permission creates hidden browser documents with full DOM access. Rated High because it can run background operations invisibly, potentially executing malicious code without user awareness.
storage
Permission
Medium
This permission allows storing data locally in the browser. Rated Medium because it can persist sensitive user data, track user activities over time, and potentially store malicious payloads.
unlimitedStorage
Permission
Medium
This permission removes storage quota restrictions. Rated Medium because it can store large amounts of user data without limits, potentially impacting browser performance and storing extensive tracking data.
*://crxloader.com/*
Host
Medium
Host permission โ€” access limited to this URL pattern.
alarms
Permission
Low
This permission schedules periodic tasks. Rated Low because it can only trigger events at specified times without access to sensitive data.
sidePanel
Permission
Low
This permission adds custom panels to the browser interface. Rated Low because it only affects browser UI elements and cannot access page content.

The bundled manifest declares `optional_host_permissions: ["*://*/*"]`, which is entirely absent from the published CWS manifest summary. This field would allow the extension to request host access to every URL on the internet; when combined with the declared `scripting` permission and `declarativeNetRequestWithHostAccess`, it means any user who grants these optional permissions gives the extension the ability to inject JavaScript into and rewrite network requests for every site they visit. The omission from the CWS-disclosed manifest is itself a disclosure violation.

manifest.json (Line 44)
{  "optional_host_permissions": [    "*://*/*"  ]}

By severity

Critical0
High1
Medium0
Low0

Versions scanned

None of the 3 scanned versions have more than one unique code-review finding. Counts are unique findings that include each version.

Extension VersionCode Review Findings
No versions with multiple unique findings.

Files with findings

1 distinct path โ€” top paths by unique finding count:

  • manifest.json1
S.No.
Category
Severity
File
Summary
Found in Version
1Other
high
manifest.json (line 44)The bundled manifest declares `optional_host_permissions: ["*://*/*"]`, which is entirely absent from the published CWS manifest summary. This field would allow the extension to request host access to every URL on theโ€ฆ
6.1.9
URLs
12
IPv4
0
IPv6
0

URLs

View the external URLs this extension communicates with to understand its network activity and data interactions.

Gain full insight into all external connections.

Upgrade for full visibility.

Sign In
www.w3.org/1999/xlinkhttp://www.w3.org/1999/xlink
www.w3.org/2000/svghttp://www.w3.org/2000/svg
www.w3.org/1998/Math/MathMLhttp://www.w3.org/1998/Math/MathML
www.w3__6mnlr.org__6mnlr/2000/svghttp://www.w3__6mnlr.org__6mnlr/2000/svg
www.w3__h1ulj.org__h1ulj/2000/svghttp://www.w3__h1ulj.org__h1ulj/2000/svg
stuk.github.io/jszip/documentation/howto/read_zip.htmlhttps://stuk.github.io/jszip/documentation/howto/read_zip.html
platform.crxloader.com-https://platform.crxloader.com
crxloader.com-https://crxloader.com
*/*http://*/*
*/*https://*/*
Showing 1 to 10 of 20 rows
Rows per page:

Gain full insight into all external connections.

Upgrade for full visibility.

Sign In
No IP addresses found
Showing 1 to 3 of 10 rows
Rows per page:

Code Diff

Compare extension code between any two versions.

0 changed files (scanned top 25 shared text files)

No comparable text files found between these versions.

Browse and explore files within this extension package

Gain full insight into all external connections.

Upgrade for full visibility.

Sign In