Is Rabbithole safe to use?

Rabbithole has a security risk score of 53.37/100 (MEDIUM risk). Our security analysis detected 4 findings. Review the detailed security assessment below to understand the specific risks before installation.

What are the security risks of Rabbithole?

Based on our automated security analysis, Rabbithole presents medium risk level. The extension is analyzed for malware patterns, secret exposure, network communications, permissions, and supply chain vulnerabilities.

How is the security score calculated?

Risky Plugins calculates security scores using weighted categories: severity of findings (25 points max), malware detections (35 points), secret exposure (28 points), network communications (10 points), and obfuscation (10 points). Scores range from 0-100, with higher scores indicating greater risk.

What does CRITICAL, HIGH, MEDIUM, LOW, MINIMAL risk mean?

CRITICAL (80-100): Severe security issues like malware. HIGH (60-79): Significant vulnerabilities. MEDIUM (40-59): Moderate security concerns. LOW (20-39): Minor issues. MINIMAL (0-19): Very low risk. Always review findings before installing any extension.

Is "Rabbithole" on Chrome Web Store Safe to Install?

[email protected] · chrome · v4.9

We all get into rabbitholes online but we have no way to track them, and because we're afraid of losing that information, we have hundreds of tabs open! With Rabbithole, you can embark on your digital journeys, keep track of captivating websites, organize them into collections, and share them so others can get to experience them. Key Features: 🔗 Website Overlay: Rabbithole adds an overlay to every website you visit, allowing you to easily store interesting websites as soon as you encounter them. You can choose to dismiss it and just use the popup if that's your style. 📂 Project Organisation: The extension transforms your new tab page into a hub for managing your online adventures. Each rabbithole is represented as a project, showcasing a collection of the websites you've saved. 🥾 Trails: You can create ordered paths through websites with notes at each stop. Walk them step by step or share them with others to guide them through your research. 📑 Tab Management: Save all your open tabs to a Rabbithole with one click, then close them to declutter your browser. Reopen them anytime you want to continue where you left off. 🔍 Search Everywhere: Press Cmd+K to instantly search across all your saved content to find exactly what you're looking for. 📤 Export: Export your data to share your research or back up your work. 🌐 Publish: Connect your Atmosphere account to publish your Burrows and Trails as curated collections. Share your discoveries with the open social web. Rabbithole is your go-to companion for tracking all the wild depths of the internet you reach. Unearth hidden gems, conduct research, or simply satisfy your curiosity, all while easily managing and categorising your web discoveries. Download the extension and let the journey begin!

Risk Assessment

Analyzed

53.37

out of 100

MEDIUM

4 security findings detected across all analyzers

Chrome extension requesting 9 permissions

Severity Breakdown

Critical

High

Medium

Low

Info

Finding Categories

Network

Requested Permissions

9 permissions

*://*/*

Dangerous

identity

Access your identity and sign-in tokens

High

tabs

Medium

bookmarks

Medium

storage

Low

tabGroups

Low

https://*.bsky.social/*

Low

https://public.api.bsky.app/*

Low

https://plc.directory/*

Low

About This Extension

Detailed Findings

4 total

AI Security Report

AI Security Review

Risky Plugins reviewed this extension with an AI-assisted security workflow on 2026-04-28. The review verdict is likely false positive with 80% confidence.

Recommended action: no action.
Risk context: MEDIUM risk, score 53/100.
Evidence context: threat category none; evidence quality moderate.

The Rabbithole extension demonstrates no evidence of malicious behavior across all analyzed categories. The manifest-analysis finding MANIFEST-SENSITIVE-PERM-TABS in manifest.json identifies the 'tabs' permission, which is directly appropriate for an extension whose stated purpose is to 'Track your internet rabbitholes' — tracking browsing history requires tabs access.

The three network findings are all generic operation detections without suspicious domains: NET-FETCH-assets/modulepreload-polyfill-B5Qt9EMX.js-1, NET-FETCH-assets/browser-BGIZYV9P.js-1, and NET-SOCKET_IO-assets/Update-DNw0be3F.js-16. These file names indicate legitimate functionality: modulepreload polyfills (standard browser compatibility code), browser modules, and update mechanisms. Critically, the findings_summary shows ioc count of 0 — no suspicious domains were extracted from these network calls. The network findings detect the presence of fetch/socket_io calls, not specific destinations.

Zero malware signatures, zero obfuscation findings, and zero code-smell findings indicate clean code. The extension does not exhibit any high-confidence threat indicators: no typosquatting (name is unique), no browser hijacking (no custom search engines or new tab replacement), no credential theft (no login domain IoCs), and no malware delivery disguise patterns.

The strongest counterargument to this verdict would be: 'The developer is listed as an email address ([email protected]) rather than a verified company, and the extension requests sensitive tabs permissions.' However, this counterargument does not override the absence of actual malicious indicators. Anonymous developers are common for small utility extensions, and the tabs permission is functionally necessary for the extension's stated purpose. Without suspicious domains, obfuscation, malware signatures, or deceptive naming, developer anonymity alone does not constitute evidence of malicious intent. The evidence shows expected behavior for a browsing-tracking utility, not exploitation or data exfiltration.

Key Reasons

Zero malware signatures and zero obfuscation findings
Network findings detect generic operations without suspicious domains (ioc count = 0)
tabs permission is appropriate for stated browsing-tracking functionality
No typosquatting, browser hijacking, or credential theft indicators