Is "HeHe" on Chrome Web Store Safe to Install?
HeHe помогает быстрее работать с вакансиями на hh.ru, а так же другие домены, и не тратить время на повторяющиеся действия. Что умеет расширение: - добавляет быстрые кнопки скрытия вакансий в выдаче hh.ru - позволяет скрывать работодателя целиком на странице вакансии - по желанию автоматически скрывает вакансии со статусами отклика: `Вы откликнулись`, `Вас пригласили`, `Вам отказали` - сохраняет сопроводительные письма и другие тексты отклика в локальные заметки расширения - позволяет быстро вставлять сохранённые заметки обратно в форму отклика - умеет по явному нажатию пользователя переписывать текст отклика через Gemini в нескольких режимах: грамматика, близкий перевод RU/EN, чище, сильнее, короче Расширение работает только на hh.ru и предназначено для упрощения откликов и очистки выдачи вакансий. Все заметки хранятся локально в браузере. Текст отправляется в Gemini только если пользователь сам нажимает одну из кнопок переписывания рядом с конкретным полем.
Risk Assessment
Analyzed59 security findings detected across all analyzers
Chrome extension requesting 2 permissions
Severity Breakdown
Finding Categories
Requested Permissions
2 permissionsAbout This Extension
Detailed Findings
7 totalIndicators of Compromise
Network indicators, suspicious strings, and potential IoCs extracted during analysis
All Indicators · 52
detected Domain: hehe-chromium-vx.y.z.zip XIOC detected Domain: hehe-chromium-vx.y.z.zip
extracted_from_files
detected URL: https://rabota.by/* XIOC detected URL: https://rabota.by/*
extracted_from_files
detected URL: https://*.rabota.by/* XIOC detected URL: https://*.rabota.by/*
extracted_from_files
detected URL: https://*.hh.ru/* XIOC detected URL: https://*.hh.ru/*
extracted_from_files
detected URL: https://hh.kz/* XIOC detected URL: https://hh.kz/*
extracted_from_files
detected URL: https://*.hh.kz/* XIOC detected URL: https://*.hh.kz/*
extracted_from_files
detected URL: https://hh.uz/* XIOC detected URL: https://hh.uz/*
extracted_from_files
detected URL: https://*.hh.uz/* XIOC detected URL: https://*.hh.uz/*
extracted_from_files
detected URL: https://hh.by/* XIOC detected URL: https://hh.by/*
extracted_from_files
detected URL: https://*.hh.by/* XIOC detected URL: https://*.hh.by/*
extracted_from_files
detected Domain: selectedmodel.id XIOC detected Domain: selectedmodel.id
extracted_from_files
detected URL: https://chromewebstore.google.com/detail/hehe/nindhlipkdnagkimhfgndepjfmokdona XIOC detected URL: https://chromewebstore.google.com/detail/hehe/nindhlipkdnagkimhfgndepjfmokdona
extracted_from_files
detected URL: https://github.com/kasperckiy/HeHe/releases/latest XIOC detected URL: https://github.com/kasperckiy/HeHe/releases/latest
extracted_from_files
detected Domain: template.md XIOC detected Domain: template.md
extracted_from_files
detected URL: https://clients2.google.com/service/update2/crx XIOC detected URL: https://clients2.google.com/service/update2/crx
extracted_from_files
detected URL: https://generativelanguage.googleapis.com/* XIOC detected URL: https://generativelanguage.googleapis.com/*
extracted_from_files
detected URL: https://hh.ru/* XIOC detected URL: https://hh.ru/*
extracted_from_files
detected Domain: rect.top XIOC detected Domain: rect.top
extracted_from_files
detected Domain: cardrect.top XIOC detected Domain: cardrect.top
extracted_from_files
detected Domain: chrome.storage XIOC detected Domain: chrome.storage
extracted_from_files
detected Domain: item.id XIOC detected Domain: item.id
extracted_from_files
detected Domain: letter.id XIOC detected Domain: letter.id
extracted_from_files
detected Domain: letters.map XIOC detected Domain: letters.map
extracted_from_files
detected Domain: resolvedentry.id XIOC detected Domain: resolvedentry.id
extracted_from_files
detected Domain: field.name XIOC detected Domain: field.name
extracted_from_files
detected Domain: note.name XIOC detected Domain: note.name
extracted_from_files
detected Domain: snapshot.notes.map XIOC detected Domain: snapshot.notes.map
extracted_from_files
detected Domain: savednotes.map XIOC detected Domain: savednotes.map
extracted_from_files
detected Domain: savebutton.click XIOC detected Domain: savebutton.click
extracted_from_files
detected Domain: event.target XIOC detected Domain: event.target
extracted_from_files
detected Domain: root.dataset.open XIOC detected Domain: root.dataset.open
extracted_from_files
detected Domain: date.now XIOC detected Domain: date.now
extracted_from_files
detected Domain: labels.map XIOC detected Domain: labels.map
extracted_from_files
detected Domain: properties.map XIOC detected Domain: properties.map
extracted_from_files
detected Domain: textarea.id XIOC detected Domain: textarea.id
extracted_from_files
detected Domain: textarea.name XIOC detected Domain: textarea.name
extracted_from_files
detected Domain: descriptor.set.call XIOC detected Domain: descriptor.set.call
extracted_from_files
detected Domain: field.id XIOC detected Domain: field.id
extracted_from_files
detected Domain: hehe-firefox-vx.y.z.zip XIOC detected Domain: hehe-firefox-vx.y.z.zip
extracted_from_files
detected URL: https://generativelanguage.googleapis.com/v1beta/models/$ XIOC detected URL: https://generativelanguage.googleapis.com/v1beta/models/$
extracted_from_files
detected Domain: generativelanguage.googleapis.com XIOC detected Domain: generativelanguage.googleapis.com
extracted_from_files
detected Domain: model.id XIOC detected Domain: model.id
extracted_from_files
detected Domain: preset.id XIOC detected Domain: preset.id
extracted_from_files
detected Domain: card.id XIOC detected Domain: card.id
extracted_from_files
detected Domain: element.click XIOC detected Domain: element.click
extracted_from_files
detected Domain: github.com XIOC detected Domain: github.com
extracted_from_files
detected Domain: hh.ru XIOC detected Domain: hh.ru
extracted_from_files
detected Domain: hh.kz XIOC detected Domain: hh.kz
extracted_from_files
detected Domain: hh.uz XIOC detected Domain: hh.uz
extracted_from_files
detected Domain: hh.by XIOC detected Domain: hh.by
extracted_from_files
detected Domain: rabota.by XIOC detected Domain: rabota.by
extracted_from_files
detected Domain: chromewebstore.google.com XIOC detected Domain: chromewebstore.google.com
extracted_from_files
Security Analysis Summary
Security Analysis Overview
HeHe is a Chrome Web Store extension published by [email protected]. Version 0.3.1 has been analyzed by the Risky Plugins security platform, receiving a risk score of 50.06/100 (MEDIUM risk) based on 59 security findings.
Risk Assessment
This extension presents moderate security risk. Several findings were detected that may warrant attention. Users should carefully review the permissions and findings before installation.
Findings Breakdown
- Medium: 59 finding(s)
What Was Analyzed
The security assessment covers multiple analysis categories:
- Malware Detection: YARA rule matching against 2,400+ malware signatures
- Secret Detection: Scanning for exposed API keys, tokens, and credentials
- Static Analysis: Code-level security analysis for common vulnerability patterns
- Network Analysis: Detection of suspicious network communications and endpoints
- Obfuscation Detection: Identification of code obfuscation techniques
Developer Information
HeHe is published by [email protected] on the Chrome Web Store marketplace.
Recommendation
Exercise caution with this extension. Review the detailed findings and ensure the requested permissions align with the extension's stated functionality before installation.
Source Code Not Available
Source code is not available for this version of the extension.
Frequently Asked Questions
Similar Extensions
Related extensions from the same publisher or marketplace
Ship Xanh copy sản phẩm, nhân bản shop, hiển thị % phí sàn, lượt bán tháng
[email protected]
SVG to AVIF Converter [ShiftShift]
[email protected]
ChromeCompare
[email protected]
CAI Tools
[email protected]
Auto Gmail - ChatGPT AI for email inbox
[email protected]
EC Seller Tools
[email protected]