drop chrome or firefox extension directory or manifest json · analyze extension permissions and capabilities · identify high-risk extensions · surface credential access network interception tab monitoring · runs locally
extension artifacts
drop extension directory or manifest
or click
mv2/mv3 manifest · permission risk matrix (91 entries) · content script domains · js pattern scan
drop manifest.json · crx · xpi · zip · extension csv