Is "Feasibility Helper" on Chrome Web Store Safe to Install?

AI Security Review

Risky Plugins reviewed this extension with an AI-assisted security workflow on 2026-04-30. The review verdict is likely false positive with 85% confidence.

Recommended action: no action.
Risk context: MEDIUM risk, score 53/100.
Evidence context: threat category none; evidence quality strong.

The Feasibility Helper extension presents 16 medium-severity findings, all of which are explainable by the extension's stated purpose. The manifest finding MANIFEST-SENSITIVE-PERM-TABS in manifest.json indicates the extension requests the 'tabs' permission, which is necessary for content scripts to interact with web pages for autofill functionality. The 15 network findings consist entirely of socket_io calls in content-scripts files (clintrak.js, fillSurveyMonkey.js, jotForm.js, fillMicrosoftForm.js, fillAlchemer.js, fillQualtrics.js, fillTFSCro.js, fillJotForm.js, tfscro.js, surveyMonkey.js) and one fetch call in chunks/sidepanel-CHBDchQF.js. These network calls are consistent with an extension designed to autofill clinical research questionnaires on platforms like SurveyMonkey, Qualtrics, JotForm, and Microsoft Forms. The extension description explicitly states it provides 'seamless autofill and data management for clinical research sites,' which directly explains why socket_io connections to form platforms are present.

Critically, the findings_summary shows zero malware signatures, zero obfuscation findings, zero suspicious IoCs, and zero code-smell findings. This is the key differentiator from actual malicious extensions. Real malware would show obfuscation patterns, suspicious domain connections, or malware signatures alongside network activity. The developer email [email protected] suggests a legitimate business entity focused on Bayesian predictive analytics, consistent with the clinical research domain.

The strongest counterargument would be that the extension has only 26 users and the developer uses a personal-style email address rather than a corporate account. However, low user count alone does not indicate malicious intent, and many legitimate specialized tools have small user bases. The extension's functionality is narrowly scoped to clinical research feasibility questionnaires, which naturally limits its audience. Without any malware signatures, obfuscation, or suspicious domain connections, there is no evidence of malicious behavior—only evidence of normal extension operation for its stated purpose.

Key Reasons

• Zero malware signatures detected in analysis
• Zero obfuscation findings despite network activity
• Network calls to known form platforms match stated autofill purpose
• No suspicious IoCs or unknown domains extracted
• Permission structure consistent with content script functionality

False Positive Considerations

• Network findings from legitimate form platform integrations
• Socket_io calls expected for real-time form autofill functionality
• No malware signatures to support malicious classification