Is "Apple TV Picture In Picture [QVI]" on Chrome Web Store Safe to Install?
We're thrilled to present the latest update, where we've listened to your feedback and made it happen – introducing the much-anticipated Picture-in-Picture icon with subtitles support! 🌟 What's New: New Picture-in-Picture Icon: Now you can enjoy uninterrupted viewing while diving into other tasks, all with the added bonus of subtitles! Are you looking for a tool to watch AppleTV+ in a convenient always-on-top window? You’re in the right place! Focus on other tasks while watching your favorite series. AppleTV+ Picture in Picture is perfect for multitasking, having something on in the background, or even working from home (we don’t advise sharing it with your boss though). There’s no need to stack multiple browser tabs anymore or to use other screens, it’s all fixed by this extension. How does it work? AppleTV+ Picture in Picture allows you to play video content in a floating window pinned always on top, so you can use the rest of your screen for other tasks. This extension adds an extra control button, which can be found among other viewing options (e.g. full-screen). Just click on it to launch a separate window with the show you’d like to watch and place it wherever you want, whether you're browsing your FB feed or preparing a business presentation. All you need to do is add AppleTV + Picture in Picture extension to your browser and enjoy your favorite series in the background. It's as simple as that! Disclaimer: AppleTV+ is a trademark of Apple Inc. This website & extension hold no association or affiliation with AppleTV+ or any third-party companies. This extension is part of the Quality Viewership Initiative, a collaborative effort to enhance the understanding of audience engagement. It collects anonymous, aggregated viewing insights to support creators and studios in improving the quality of their content. You can stop sharing your information at any time by switching the toggle on the options page.
Risk Assessment
Analyzed11 security findings detected across all analyzers
Chrome extension requesting 2 permissions
Severity Breakdown
Finding Categories
Requested Permissions
2 permissionsAbout This Extension
Detailed Findings
11 totalAI Security Report
AI Security Review
Risky Plugins reviewed this extension with an AI-assisted security workflow on 2026-04-28. The review verdict is likely false positive with 78% confidence.
Recommended action: no action.
Risk context: MEDIUM risk, score 44/100.
Evidence context: threat category none; evidence quality moderate.
This extension, 'Apple TV Picture In Picture [QVI]', has 11 findings, all classified as network detections in appletv.min.js and typ.min.js. The findings are titled NET-FETCH-appletv.min.js-3635, NET-FETCH-appletv.min.js-6767, NET-FETCH-typ.min.js-173, and similar variants. These findings only indicate that fetch() calls exist in the code—they do not reveal any actual domain names, URLs, or IP addresses being contacted. For a Picture-in-Picture extension, network requests are expected behavior for detecting video sources and managing playback state.
Crucially, the evidence shows zero malware signatures, zero obfuscation findings, zero credential theft patterns, and zero suspicious IoCs. The findings_summary explicitly states "ioc":"0", "malware-signature":"0", and "obfuscation":"0". Without actual domain extraction showing connections to suspicious servers, these network findings are generic noise from the static analysis tool flagging any fetch() call as a potential concern.
The developer email [email protected] is a generic Gmail address rather than a company domain. While this lacks corporate attribution, many legitimate Chrome extensions from individual developers use personal Gmail addresses. The extension name 'Apple TV Picture In Picture' describes a legitimate browser feature and does not mimic any known popular extension (no typosquatting detected). The description accurately matches the expected functionality.
The strongest counterargument would be that 11 network findings with a generic developer email suggests potential data exfiltration. However, this argument fails because the findings contain no actual domain names—only generic 'fetch detected' markers. Legitimate PiP extensions must make network requests to detect video elements, check for DRM restrictions, and manage playback state. Without evidence of suspicious domains (e.g., data exfiltration endpoints, command-and-control servers, or tracking domains), the network activity is consistent with the extension's stated purpose. The absence of malware signatures, obfuscation, or credential access patterns further supports that this is a false positive driven by overly broad network detection rules.
Key Reasons
- All 11 findings are generic fetch detections without suspicious domain extraction
- Zero malware signatures detected in any file
- Zero obfuscation findings present
- No credential theft or browser hijacking patterns identified
- Extension functionality matches stated description
False Positive Considerations
- Generic network fetch detection without domain extraction
- No malware signatures present
- No obfuscation or credential access patterns
- Legitimate PiP functionality requires network requests
Source Code Not Available
Source code is not available for this version of the extension.
Frequently Asked Questions
Similar Extensions
Related extensions from the same publisher or marketplace
Film Scores works with Paramount Plus
[email protected]
Crunchyroll: Picture in Picture [QVI]
[email protected]
Crunchyroll Speeder: adjust playback speed [QVI]
[email protected]
Crunchyroll Ad Skipper [QVI]
[email protected]
Tubi Speeder: adjust playback speed [QVI]
[email protected]
Hide Spoilers works with Paramount Plus [QVI]
[email protected]