Triple Bot

Triple Bot

ID: geambgaabcolobknalaoheeimomkkekp

Supported Languages

🇹🇭Thai

Extension Info & Metadata

Status
Active
Version
11.8
Size
0.95 MB
Rating
0.0/5
Reviews
0
Users
888
Type
Extension
Updated
Jul 7, 2026
Category
Workflow & planning
Price
Free
Featured
No
Visibility
Listed
Mature
No
By Google
No
Trusted
No

Publisher Contextual Analysis

MX records exist
Yes
Domain exists
Yes
Is disposable
No
Is role-based
No
Mailbox exists
Yes
Total Extensions
1
Active
1
Obsolete
0
Listed
1
Unlisted
0
Total Users
800
Screenshot 1
Screenshot 2
Screenshot 3
Screenshot 4

Triple bot Automated video creation

Item
Type
Severity
Description
scripting
Permission
Critical
This permission allows injection and execution of JavaScript on any webpage. Rated Critical because it can modify page content, steal sensitive data, and inject malicious code into any site the extension has access to.
cookies
Permission
High
This permission provides full access to read and modify browser cookies. Rated High because it can steal session tokens, modify authentication cookies, and compromise accounts across websites.
nativeMessaging
Permission
High
This permission enables communication with applications installed on your computer. Rated High because it can exchange data with native programs, potentially exposing system-level information and local files.
Contextual Risk Factors
Risk Factor
High
The following context increases the overall risk:• 20% increase: Access to sensitive domains increases potential impact
storage
Permission
Medium
This permission allows storing data locally in the browser. Rated Medium because it can persist sensitive user data, track user activities over time, and potentially store malicious payloads.
tabs
Permission
Medium
This permission enables tab management and monitoring. Rated Medium because it can track open tabs, access tab metadata, and monitor user browsing patterns.
http://127.0.0.1/*
Host
Medium
Host permission — access limited to this URL pattern.
http://localhost/*
Host
Medium
Host permission — access limited to this URL pattern.
https://labs.google/*
Host
Medium
Host permission — access limited to this URL pattern.
https://*.google.com/*
Host
Medium
Host permission — access limited to this URL pattern.
https://*.googleusercontent.com/*
Host
Medium
Host permission — access limited to this URL pattern.
https://flow-content.google/*
Host
Medium
Host permission — access limited to this URL pattern.
https://grok.com/*
Host
Medium
Host permission — access limited to this URL pattern.
https://*.grok.com/*
Host
Medium
Host permission — access limited to this URL pattern.
https://*.x.com/*
Host
Medium
Host permission — access limited to this URL pattern.
https://*.x.ai/*
Host
Medium
Host permission — access limited to this URL pattern.
https://*.tiktok.com/*
Host
Medium
Host permission — access limited to this URL pattern.
Access to Sensitive Domains
Risk Factor
Medium
This extension requests access to sensitive domains: https://labs.google/*, https://*.google.com/*, https://*.googleusercontent.com/*, https://flow-content.google/*
alarms
Permission
Low
This permission schedules periodic tasks. Rated Low because it can only trigger events at specified times without access to sensitive data.

The published Chrome Web Store manifest listing declares 'webRequest' as a permission, but the bundled manifest.json in the extension ZIP does not include it. This mismatch between the live CWS entry and the installed code is itself a finding: the CWS listing may reflect a prior or future version with broader network interception capabilities, or the publisher submitted differing manifests. Users and enterprise policies evaluating this extension based on the CWS listing may incorrectly believe webRequest is active.

manifest.json (Line 26)
// Bundled manifest permissions:"permissions": [  "alarms",  "storage",  "scripting",  "tabs",  "cookies",  "nativeMessaging"]// Published CWS manifest permissions (from listing summary):"permissions": [  "alarms",  "storage",  "scripting",  "tabs",  "cookies",  "nativeMessaging",  "webRequest"   // <-- present in live listing, absent from bundled ZIP]

By severity

Critical0
High1
Medium0
Low0

Versions scanned

None of the 3 scanned versions have more than one unique code-review finding. Counts are unique findings that include each version.

Extension VersionCode Review Findings
No versions with multiple unique findings.

Files with findings

1 distinct path — top paths by unique finding count:

  • manifest.json1
S.No.
Category
Severity
File
Summary
Found in Version
1Other
high
manifest.json (line 26)The published Chrome Web Store manifest listing declares 'webRequest' as a permission, but the bundled manifest.json in the extension ZIP does not include it. This mismatch between the live CWS entry and the installed…
URLs
9
IPv4
1
IPv6
0

URLs

View the external URLs this extension communicates with to understand its network activity and data interactions.

Gain full insight into all external connections.

Upgrade for full visibility.

labs.google/fx/tools/flowhttps://labs.google/fx/tools/flow
grok.com/imaginehttps://grok.com/imagine
www.tiktok.com/tiktokstudio/uploadhttps://www.tiktok.com/tiktokstudio/upload
shop.tiktok.com/api/v1/streamer_desktop/showcase_product/listhttps://shop.tiktok.com/api/v1/streamer_desktop/showcase_product/list?offset=N&count=M
shop.tiktok.com/api/v1/streamer_desktop/showcase_product/listhttps://shop.tiktok.com/api/v1/streamer_desktop/showcase_product/list
labs.google/fxhttps://labs.google/fx
assets.grok.com/users/.../gen...https://assets.grok.com/users/.../gen...
http:-http://127.0.0.1:${port}/api/health`,
http:-http://127.0.0.1:${p}/api/accounts`,

Gain full insight into all external connections.

Upgrade for full visibility.

127.0.0.1
IPv4
-
Showing 1 to 3 of 10 rows
Rows per page:

Code Diff

Compare extension code between any two versions.

0 changed files (scanned top 25 shared text files)

No comparable text files found between these versions.

Browse and explore files within this extension package

Gain full insight into all external connections.

Upgrade for full visibility.