Is "Document Text Extractor for Claude" on Chrome Web Store Safe to Install?

[email protected] · chrome · v1.2.0

Unlock the text inside your Claude.ai document previews seamlessly!

Risk Assessment

Analyzed: 31.18 out of 100 (LOW)

1 security finding detected across all analyzers

Chrome extension requesting 7 permissions

Severity Breakdown

  • Critical: 0
  • High: 0
  • Medium: 1
  • Low: 0
  • Info: 0

Finding Categories

  • Network: 1

Requested Permissions

7 permissions (permission: risk level)

  • offscreen: Low
  • *://claude.ai/*: Low
  • *://*.claude.ai/*: Low
  • *://claudeusercontent.com/*: Low
  • *://*.claudeusercontent.com/*: Low
  • *://anthropic.com/*: Low
  • *://*.anthropic.com/*: Low

Detailed Findings

1 total

AI Security Report

AI Security Review

Risky Plugins reviewed this extension with an AI-assisted security workflow on 2026-04-27. The review verdict is likely false positive with 85% confidence.

Recommended action: monitor.
Risk context: CRITICAL risk, score 95/100.
Evidence context: threat category none; evidence quality moderate.

This extension's security findings are predominantly noise from well-documented CVEQ false positive patterns. The 330 IoC findings include strings like l.prototype.next, b.asm.gf, and b.asm.tf which are JavaScript property access chains misidentified as domains by the XIOC extractor. The pattern b.asm.gf represents an object.property.property chain in minified JavaScript, not a network domain. Similarly, d.cf, g.cf, and h.cf are single-character fragments from obfuscated variable names, not legitimate domain references.

The two obfuscation findings (OBFUSCATION-LARGE_WASM_FILE-tesseract-core-simd-lstm.wasm and OBFUSCATION-LARGE_WASM_FILE-tesseract-core.wasm) are legitimate Tesseract OCR library binaries. This is consistent with the extension's stated purpose of text extraction from documents. Tesseract is a widely-used open-source OCR engine, and large WASM files are expected for client-side OCR functionality. This is not obfuscation—it's the extension's core feature.

The 61 code-smell findings are from YARA rules that fire on basic JavaScript patterns. The findings summary shows zero malware signatures, zero malware detections, and only one network finding with no suspicious domain. There are no credential theft indicators, no browser hijacking domains, no custom search engine configurations, and no suspicious external data transmission patterns.

The strongest counterargument is the anonymous developer ([email protected]) and zero user count, which could indicate a newly deployed malicious extension. However, the evidence does not support malicious intent: the extension's functionality (text extraction) aligns with its components (Tesseract OCR), the IoCs are false positives from property chains, and there are no actual malware signatures or suspicious network destinations. The developer using a personal Gmail address is common for small utility extensions and does not inherently indicate malicious activity.

This extension should be reanalyzed after user adoption increases to confirm behavior matches the stated purpose.

Key Reasons

  • IoC findings are property access chains misread as domains (l.prototype.next, b.asm.gf patterns)
  • WASM files are legitimate Tesseract OCR library, not obfuscation
  • Zero malware signatures or credential theft indicators
  • Extension functionality matches its components (OCR for text extraction)

False Positive Considerations

  • XIOC property chain misidentification
  • Legitimate Tesseract OCR WASM libraries flagged as obfuscation
  • YARA code-smell rules on standard JavaScript patterns

Frequently Asked Questions