| scripting | Permission | | This permission allows injection and execution of JavaScript on any webpage. Rated Critical because it can modify page content, steal sensitive data, and inject malicious code into any site the extension has access to. |
| webRequest | Permission | | This permission enables the extension to monitor and analyze all web requests made by the browser. Rated Critical because it can observe all network traffic including sensitive data, track browsing behavior, and gather authentication tokens. |
| cookies | Permission | | This permission provides full access to read and modify browser cookies. Rated High because it can steal session tokens, modify authentication cookies, and compromise accounts across websites. |
| nativeMessaging | Permission | | This permission enables communication with applications installed on your computer. Rated High because it can exchange data with native programs, potentially exposing system-level information and local files. |
| Dangerous Permission Combination: scripting,cookies,webRequest | Risk Factor | | Enables extensions to interact with scripts, modify files and downloads, and alter browsing history and bookmarks, potentially affecting data integrity and user control. |
| Contextual Risk Factors | Risk Factor | | The following context increases the overall risk:• 20% increase: Access to sensitive domains increases potential impact• 10% increase: Early script execution enables pre-emptive content manipulation |
| storage | Permission | | This permission allows storing data locally in the browser. Rated Medium because it can persist sensitive user data, track user activities over time, and potentially store malicious payloads. |
| tabs | Permission | | This permission enables tab management and monitoring. Rated Medium because it can track open tabs, access tab metadata, and monitor user browsing patterns. |
| http://127.0.0.1/* | Host | | Host permission — access limited to this URL pattern. |
| http://localhost/* | Host | | Host permission — access limited to this URL pattern. |
| https://labs.google/* | Host | | Host permission — access limited to this URL pattern. |
| https://*.google.com/* | Host | | Host permission — access limited to this URL pattern. |
| https://*.googleusercontent.com/* | Host | | Host permission — access limited to this URL pattern. |
| https://flow-content.google/* | Host | | Host permission — access limited to this URL pattern. |
| https://grok.com/* | Host | | Host permission — access limited to this URL pattern. |
| https://*.grok.com/* | Host | | Host permission — access limited to this URL pattern. |
| https://*.x.com/* | Host | | Host permission — access limited to this URL pattern. |
| https://*.x.ai/* | Host | | Host permission — access limited to this URL pattern. |
| https://*.tiktok.com/* | Host | | Host permission — access limited to this URL pattern. |
| Access to Sensitive Domains | Risk Factor | | This extension requests access to sensitive domains: https://labs.google/*, https://*.google.com/*, https://*.googleusercontent.com/*, https://flow-content.google/* |
| Early Content Script Execution | Risk Factor | | This extension runs content scripts at document_start. |
| alarms | Permission | | This permission schedules periodic tasks. Rated Low because it can only trigger events at specified times without access to sensitive data. |