Is "AnuncioIA" on Chrome Web Store Safe to Install?

AI Security Review

Risky Plugins reviewed this extension with an AI-assisted security workflow on 2026-04-27. The review verdict is likely false positive with 75% confidence.

Recommended action: suppress false positive.
Risk context: MEDIUM risk, score 53/100.
Evidence context: threat category none; evidence quality moderate.

The extension "AnuncioIA" (version 0.4.0) presents three medium-severity findings that, upon examination, represent standard functionality rather than security concerns. The manifest.json file declares the 'tabs' permission (MANIFEST-SENSITIVE-PERM-TABS), which the extension requires to analyze Shopee advertisement content across browser tabs. This permission aligns with the stated purpose of real-time conversion score analysis for ads.

Two network findings appear in background.js at lines 145 and 183 (NET-FETCH-background.js-145, NET-FETCH-background.js-183). These fetch calls represent expected API communication for an AI-powered analysis tool that needs to send data to a backend service for processing. The findings do not extract specific destination domains, and no suspicious endpoints appear in the IoC analysis.

Critically, the evidence contains zero malware signatures, zero obfuscation indicators, and zero suspicious domains. The findings summary shows no code-smell detections, no secret exposures, and no tool-poisoning indicators. All three findings fall within the expected behavior profile for an ad analysis extension. The developer email ([email protected]) uses a business domain matching the extension name, and the Portuguese description describes plausible functionality for Brazilian e-commerce sellers.

The strongest counterargument centers on the zero user count and generic developer email address. A skeptic might argue this indicates an abandoned or fraudulent extension. However, user count alone does not determine security posture. The actual code findings show no malicious behavior. The email domain (anuncioia.com.br) is a legitimate business domain matching the extension name. The described functionality (Shopee ad analysis with AI) is plausible and matches the permissions used. The tabs permission enables the stated ad analysis capability, and the fetch calls enable the stated AI processing capability. There is no evidence of credential theft, browser hijacking, data exfiltration, or malware delivery in the findings.

The verdict is likely_false_positive because the CVEQ findings system flagged this extension, but the actual findings represent benign functionality. The tabs permission and fetch calls are legitimate for an ad analysis tool. There is no evidence of malicious intent or behavior in the code analysis.

Key Reasons

• Zero malware signatures detected in code analysis
• Zero suspicious domains or IoCs extracted from network calls
• Zero obfuscation indicators in any file
• Tabs permission aligns with stated ad analysis functionality
• Fetch calls represent expected API communication for AI service

False Positive Considerations

• Network findings show fetch calls without suspicious domains
• Tabs permission flagged as sensitive but legitimate for ad analysis
• No actual malicious indicators in any finding category