Is "BothSides - Multi-Perspective Analysis" on Chrome Web Store Safe to Install?
Every news article tells one side of the story. BothSides gives you the rest. BothSides is a Chrome side panel extension that uses AI to analyze any public news article and deliver a balanced, multi-perspective breakdown in real time. Navigate to an article, click "Analyze," and get five sections of structured insight streamed directly alongside the page you're reading. HOW IT WORKS 1. Navigate to any public news article on the web. 2. Open the BothSides side panel and click "Analyze This Article." 3. Read the AI-generated analysis as it streams in, section by section. WHAT YOU GET Each analysis includes five sections designed to help you think critically: - Both Sides Summary: A fair presentation of the strongest arguments from every perspective on the issue, not just the one the article favors. - Voice of the Opposition: The most compelling counterargument to the article's position, constructed as a steel-man — the best version of the opposing view, not a straw man. - The Undisputed Facts: What all sides agree on, cleanly separated from opinion and interpretation. - Stance & Framing: How the article's word choices, structure, and emphasis shape your perception of the topic. - Missing Context & Omissions: Important background, data, or perspectives that the article leaves out — whether deliberately or incidentally. WHY BOTHSIDES? In an era of increasing media polarization, it's easy to read only one perspective and mistake it for the whole picture. BothSides doesn't tell you what to think — it gives you the information you need to think for yourself. - AI-powered for nuanced, thoughtful analysis - Newspaper-inspired design that feels like a natural extension of your reading - Real-time streaming so you can read as the analysis generates - Light and dark themes for comfortable reading day or night PRIVACY & TRUST BothSides is built with privacy as a core principle: - Only reads page content when you explicitly click "Analyze" — never in the background - No browsing history collection, no tracking - Requires explicit user consent before the first analysis - Works only on public news articles — automatically blocks mail, docs, banking, and private pages - Article content is sent to BothSides servers solely for analysis and is not stored Perfect for journalists, researchers, students, or anyone who wants to be a more informed reader. Stop reading the news in a bubble — see both sides.
Risk Assessment
Analyzed127 security findings detected across all analyzers
Chrome extension requesting 5 permissions
Severity Breakdown
Finding Categories
YARA Rules Matched
7 rules(20 hits)Requested Permissions
5 permissionsAbout This Extension
Detailed Findings
22 totalYARA Rule Matches
7 rulesIndicators of Compromise
Network indicators, suspicious strings, and potential IoCs extracted during analysis
All Indicators · 104
detected Domain: mobile.slate.com XIOC detected Domain: mobile.slate.com
extracted_from_files
detected IP: ::bef XIOC detected IP: ::bef
extracted_from_files
detected URL: https://bothsides.golabs.tech/* XIOC detected URL: https://bothsides.golabs.tech/*
extracted_from_files
detected URL: https://bothsides.golabs.tech XIOC detected URL: https://bothsides.golabs.tech
extracted_from_files
detected URL: https://bothsides.golabs.tech/privacy XIOC detected URL: https://bothsides.golabs.tech/privacy
extracted_from_files
detected URL: https://github.com/markedjs/marked. XIOC detected URL: https://github.com/markedjs/marked.
extracted_from_files
detected SHA1 Hash: f82d5c549f046cb64ce5602bfd894b7ae807c8f8 XIOC detected SHA1 Hash: f82d5c549f046cb64ce5602bfd894b7ae807c8f8
extracted_from_files
detected URL: https://en.wikipedia.org/wiki/Comma#Comma_variants XIOC detected URL: https://en.wikipedia.org/wiki/Comma#Comma_variants
extracted_from_files
detected URL: https://schema.org/Article XIOC detected URL: https://schema.org/Article
extracted_from_files
detected URL: http://mobile.slate.com XIOC detected URL: http://mobile.slate.com
extracted_from_files
detected URL: https://developer.mozilla.org/en-US/docs/Web/Guide/HTML/Content_categories#Phrasing_content XIOC detected URL: https://developer.mozilla.org/en-US/docs/Web/Guide/HTML/Content_categories#Phrasing_content
extracted_from_files
detected URL: https://searchfox.org/mozilla-central/rev/f82d5c549f046cb64ce5602bfd894b7ae807c8f8/accessible/generic/TableAccessible.cpp#19 XIOC detected URL: https://searchfox.org/mozilla-central/rev/f82d5c549f046cb64ce5602bfd894b7ae807c8f8/accessible/generic/TableAccessible.cpp#19
extracted_from_files
detected URL: https://github.com/jsdom/jsdom/issues/2580 XIOC detected URL: https://github.com/jsdom/jsdom/issues/2580
extracted_from_files
detected URL: https://clients2.google.com/service/update2/crx XIOC detected URL: https://clients2.google.com/service/update2/crx
extracted_from_files
detected Domain: discord.com XIOC detected Domain: discord.com
extracted_from_files
detected Domain: www.notion.so XIOC detected Domain: www.notion.so
extracted_from_files
detected Domain: notion.so XIOC detected Domain: notion.so
extracted_from_files
detected Domain: atlassian.net XIOC detected Domain: atlassian.net
extracted_from_files
detected URL: http://www.apache.org/licenses/LICENSE-2.0 XIOC detected URL: http://www.apache.org/licenses/LICENSE-2.0
extracted_from_files
detected URL: http://code.google.com/p/arc90labs-readability XIOC detected URL: http://code.google.com/p/arc90labs-readability
extracted_from_files
detected URL: https://developer.mozilla.org/en-US/docs/Web/API/Node/nodeType XIOC detected URL: https://developer.mozilla.org/en-US/docs/Web/API/Node/nodeType
extracted_from_files
detected Domain: drive.google.com XIOC detected Domain: drive.google.com
extracted_from_files
detected Domain: calendar.google.com XIOC detected Domain: calendar.google.com
extracted_from_files
detected Domain: outlook.live.com XIOC detected Domain: outlook.live.com
extracted_from_files
detected Domain: outlook.office.com XIOC detected Domain: outlook.office.com
extracted_from_files
detected Domain: aktualne.cz XIOC detected Domain: aktualne.cz
extracted_from_files
detected Domain: mail.proton.me XIOC detected Domain: mail.proton.me
extracted_from_files
detected Domain: app.slack.com XIOC detected Domain: app.slack.com
extracted_from_files
detected Domain: h.call XIOC detected Domain: h.call
extracted_from_files
detected Domain: i.data XIOC detected Domain: i.data
extracted_from_files
detected Domain: er.call XIOC detected Domain: er.call
extracted_from_files
detected Domain: nr.call XIOC detected Domain: nr.call
extracted_from_files
detected Domain: c.ownerdocument.doctype.name XIOC detected Domain: c.ownerdocument.doctype.name
extracted_from_files
detected Domain: mail.google.com XIOC detected Domain: mail.google.com
extracted_from_files
detected Domain: docs.google.com XIOC detected Domain: docs.google.com
extracted_from_files
detected Domain: n.call XIOC detected Domain: n.call
extracted_from_files
detected Domain: object.prototype.tostring.call XIOC detected Domain: object.prototype.tostring.call
extracted_from_files
detected Domain: i.safe XIOC detected Domain: i.safe
extracted_from_files
detected Domain: i.in XIOC detected Domain: i.in
extracted_from_files
detected Domain: tr.call XIOC detected Domain: tr.call
extracted_from_files
detected Domain: jn.call XIOC detected Domain: jn.call
extracted_from_files
detected Domain: f.show XIOC detected Domain: f.show
extracted_from_files
detected Domain: this.renderer.hr XIOC detected Domain: this.renderer.hr
extracted_from_files
detected Domain: r.link XIOC detected Domain: r.link
extracted_from_files
detected Domain: r.br XIOC detected Domain: r.br
extracted_from_files
detected Domain: e.call XIOC detected Domain: e.call
extracted_from_files
detected Domain: n.name XIOC detected Domain: n.name
extracted_from_files
detected Domain: u.call XIOC detected Domain: u.call
extracted_from_files
detected Domain: o.call XIOC detected Domain: o.call
extracted_from_files
detected Domain: f.call XIOC detected Domain: f.call
extracted_from_files
detected Domain: this.state.top XIOC detected Domain: this.state.top
extracted_from_files
detected Domain: p.call XIOC detected Domain: p.call
extracted_from_files
detected Domain: this.tokenizer.link XIOC detected Domain: this.tokenizer.link
extracted_from_files
detected Domain: this.tokenizer.br XIOC detected Domain: this.tokenizer.br
extracted_from_files
detected Domain: a.call XIOC detected Domain: a.call
extracted_from_files
detected Domain: this.renderer.space XIOC detected Domain: this.renderer.space
extracted_from_files
detected Domain: j.search XIOC detected Domain: j.search
extracted_from_files
detected Domain: n.items.at XIOC detected Domain: n.items.at
extracted_from_files
detected Domain: l.call XIOC detected Domain: l.call
extracted_from_files
detected Domain: this.tokenizer.space XIOC detected Domain: this.tokenizer.space
extracted_from_files
detected Domain: r.at XIOC detected Domain: r.at
extracted_from_files
detected Domain: this.inlinequeue.at XIOC detected Domain: this.inlinequeue.at
extracted_from_files
detected Domain: this.tokenizer.hr XIOC detected Domain: this.tokenizer.hr
extracted_from_files
detected Domain: c.delta XIOC detected Domain: c.delta
extracted_from_files
detected Domain: e.name XIOC detected Domain: e.name
extracted_from_files
detected Domain: a.id XIOC detected Domain: a.id
extracted_from_files
detected Domain: s.at XIOC detected Domain: s.at
extracted_from_files
detected Domain: this.lexer.state.top XIOC detected Domain: this.lexer.state.top
extracted_from_files
detected Domain: a.at XIOC detected Domain: a.at
extracted_from_files
detected Domain: b.search XIOC detected Domain: b.search
extracted_from_files
detected Domain: values.author XIOC detected Domain: values.author
extracted_from_files
detected Domain: e.id XIOC detected Domain: e.id
extracted_from_files
detected Domain: filter.call XIOC detected Domain: filter.call
extracted_from_files
detected Domain: next.id XIOC detected Domain: next.id
extracted_from_files
detected Domain: node.style XIOC detected Domain: node.style
extracted_from_files
detected Domain: bothsides.golabs.tech XIOC detected Domain: bothsides.golabs.tech
extracted_from_files
detected Domain: s.read XIOC detected Domain: s.read
extracted_from_files
detected Domain: div.id XIOC detected Domain: div.id
extracted_from_files
detected Domain: parsed.name XIOC detected Domain: parsed.name
extracted_from_files
detected Domain: mail.yahoo.com XIOC detected Domain: mail.yahoo.com
extracted_from_files
detected Domain: parsed.author XIOC detected Domain: parsed.author
extracted_from_files
detected Domain: parsed.author.name XIOC detected Domain: parsed.author.name
extracted_from_files
detected Domain: author.name XIOC detected Domain: author.name
extracted_from_files
detected Domain: parsed.publisher.name XIOC detected Domain: parsed.publisher.name
extracted_from_files
detected Domain: array.prototype.some.call XIOC detected Domain: array.prototype.some.call
extracted_from_files
detected Domain: array.prototype.every.call XIOC detected Domain: array.prototype.every.call
extracted_from_files
detected Domain: tagnames.map XIOC detected Domain: tagnames.map
extracted_from_files
detected Domain: node.id XIOC detected Domain: node.id
extracted_from_files
detected Domain: articlecontent.id XIOC detected Domain: articlecontent.id
extracted_from_files
detected Domain: nodecontent.search XIOC detected Domain: nodecontent.search
extracted_from_files
detected Domain: topcandidate.id XIOC detected Domain: topcandidate.id
extracted_from_files
detected Domain: searchfox.org XIOC detected Domain: searchfox.org
extracted_from_files
detected Domain: github.com XIOC detected Domain: github.com
extracted_from_files
detected Domain: attr.name XIOC detected Domain: attr.name
extracted_from_files
detected Domain: array.prototype.map XIOC detected Domain: array.prototype.map
extracted_from_files
detected Domain: filterfn.call XIOC detected Domain: filterfn.call
extracted_from_files
detected Domain: array.prototype.foreach.call XIOC detected Domain: array.prototype.foreach.call
extracted_from_files
detected Domain: array.prototype.find.call XIOC detected Domain: array.prototype.find.call
extracted_from_files
detected IP: e::f XIOC detected IP: e::f
extracted_from_files
detected Domain: nx.am XIOC detected Domain: nx.am
extracted_from_files
detected Domain: www.apache.org XIOC detected Domain: www.apache.org
extracted_from_files
detected Domain: code.google.com XIOC detected Domain: code.google.com
extracted_from_files
detected Domain: developer.mozilla.org XIOC detected Domain: developer.mozilla.org
extracted_from_files
detected Domain: en.wikipedia.org XIOC detected Domain: en.wikipedia.org
extracted_from_files
AI Security Report
AI Security Review
Risky Plugins reviewed this extension with an AI-assisted security workflow on 2026-04-27. The review verdict is likely false positive with 72% confidence.
Recommended action: suppress false positive.
Risk context: MEDIUM risk, score 64/100.
Evidence context: threat category none; evidence quality moderate.
The BothSides extension presents 105 IoC findings that are almost entirely false positives. The XIOC extractor has misidentified JavaScript property access chains as domain names: c.ownerdocument.doctype.name is DOM property access (document.doctype.name), object.prototype.tostring.call is standard JavaScript (Object.prototype.toString.call), and n.call, nr.call, er.call are method invocations misread as domains. These patterns match the documented false positive profile for the XIOC extractor.
The remaining IoC findings reference legitimate service domains: docs.google.com, mail.google.com, mail.yahoo.com, app.slack.com, and mail.proton.me are all well-known services that extensions legitimately interact with. The domain i.in is a legitimate Indian web property, and i.safe could be a legitimate service. None of these represent suspicious third-party domains that would indicate data exfiltration or command-and-control infrastructure.
Critically, the findings summary shows 0 malware signatures, 0 malware findings, and 0 obfuscation findings. The 20 code-smell findings are classified as low severity and represent benign patterns like basic Node.js API usage. The single network finding lacks specific details about destination or purpose, and without malware signatures or obfuscation, it does not constitute evidence of malicious behavior.
The developer email [email protected] is generic but not obviously fraudulent. The extension name "BothSides - Multi-Perspective Analysis" and description "Analyze news articles for bias and see both sides of every story" are consistent with a legitimate news analysis tool. The 0 user count indicates this is a new or obscure extension, which warrants caution but does not indicate malicious intent.
The strongest counterargument is the single network finding combined with zero users, which could indicate an early-stage data exfiltration tool. However, network findings alone are insufficient evidence without malware signatures, obfuscation, or suspicious destination domains. The 105 IoC findings are clearly false positives from known XIOC extraction artifacts, and the extension's stated purpose (news analysis) would legitimately require network connectivity. Runtime analysis would resolve uncertainty about the network finding's actual behavior, but based on static analysis alone, the evidence points to false positives rather than malicious activity.
Key Reasons
- 105 IoC findings are XIOC false positives: property access chains (c.ownerdocument.doctype.name, object.prototype.tostring.call) and legitimate service domains (google.com, yahoo.com, slack.com)
- Zero malware signatures and zero obfuscation findings despite 127 total findings
- Extension purpose (news bias analysis) aligns with legitimate network connectivity requirements
- Developer email ([email protected]) is generic but not impersonating known brands
False Positive Considerations
- XIOC property access chain misread as domains (c.ownerdocument.doctype.name, object.prototype.tostring.call, n.call, nr.call, er.call)
- Legitimate service domains misclassified as suspicious IoCs (docs.google.com, mail.yahoo.com, app.slack.com)
- Code-smell findings (20 low-severity) are benign patterns from standard JavaScript
Source Code Not Available
Source code is not available for this version of the extension.
Frequently Asked Questions
Similar Extensions
Related extensions from the same publisher or marketplace
Ship Xanh copy sản phẩm, nhân bản shop, hiển thị % phí sàn, lượt bán tháng
[email protected]
SVG to AVIF Converter [ShiftShift]
[email protected]
ChromeCompare
[email protected]
CAI Tools
[email protected]
Auto Gmail - ChatGPT AI for email inbox
[email protected]
EC Seller Tools
[email protected]