Is "知乎创作者智能助手" on Chrome Web Store Safe to Install?

[email protected] · chrome · v1.0.0

知乎创作者智能助手 is a browser sidebar AI assistant tool built for Zhihu. The tool was created to improve the writing and reading experience of Zhihu content creators.

Core features:

1. Smart co-writing: open a slide-out drawer with one click on any Zhihu page and chat directly with the AI assistant to discuss questions and look up material, with no need to keep switching tabs.
2. Right-click shortcut menu: select any text in the editor and invoke the AI from the context menu to expand, condense or polish it, get revision suggestions, or shift the tone to formal or casual, all with one click.
3. Automatic answer outline: click "generate outline" and the AI reads the title and description of the current Zhihu question and produces a clearly structured thinking outline.
4. Smart replace and copy: generated answers or polished text are shown dynamically in a separate floating panel, with one-click copy or direct replacement of the draft text currently selected in the editor.
5. Block Creator Center pop-ups: blocks the promotional pop-ups that appear when entering the Zhihu Creator Center.

Risk Assessment

Analyzed: risk score 43.58 out of 100 (MEDIUM)

2 security findings detected across all analyzers

Chrome extension requesting 5 permissions

Severity Breakdown

  • Critical: 0
  • High: 0
  • Medium: 2
  • Low: 0
  • Info: 0

Finding Categories

  • Network: 2

Requested Permissions (5 permissions)

  • activeTab: Medium
  • storage: Low
  • contextMenus: Low
  • *://*.zhihu.com/*: Low
  • https://api.deepseek.com/*: Low


Detailed Findings (2 total)

AI Security Report

AI Security Review

Risky Plugins reviewed this extension with an AI-assisted security workflow on 2026-04-27. The review verdict is likely false positive with 85% confidence.

Recommended action: suppress false positive.
Risk context: MEDIUM risk, score 62/100.
Evidence context: threat category none; evidence quality moderate.

This extension, "知乎创作者智能助手" (Zhihu Creator Smart Assistant), presents findings that are entirely consistent with documented false positive patterns. All 28 IoC findings are noise: e.target, panel.id, window.open, closebtn.click, panel.style.top, originnerwidth.call, and origclientwidth.call are JavaScript property access chains that the XIOC extractor misread as domains. The ::bef finding is an IPv6 fragment, another known false positive source. None of these represent actual network destinations.

The 2 network findings in background.js:28 and background.js:164 are generic fetch calls without specific domain information. For an AI assistant extension that requires backend communication for dialogue and writing assistance features, these network calls are expected behavior. There are no custom search engine domains, no history API manipulation, and no credential access patterns.

The 13 code-smell findings are classified as low severity and match the documented noise profile for YARA rules like postinstall_* and credential_* that fire on basic JavaScript patterns. Crucially, there are zero malware signatures, zero obfuscation findings, and zero high or critical severity findings. The extension's stated purpose (AI writing assistant for Zhihu creators) aligns with the observed behavior (network fetch calls for AI service communication).

The strongest counterargument is that the anonymous developer (Gmail address only), combined with zero users and version 1.0.0, could indicate a new malicious extension being tested. However, this argument fails because there is no actual malicious behavior in the code. A malicious extension would contain malware signatures, obfuscation, or data exfiltration to suspicious domains, none of which exist here. The findings are purely artifacts of the detection system's known false positive patterns, not indicators of malicious intent. Without any concrete evidence of harmful behavior beyond XIOC noise, the extension should be classified as a false positive.

Key Reasons

  • All IoC findings are XIOC false positives (property access chains, IPv6 fragments)
  • Zero malware signatures detected
  • Zero obfuscation findings
  • Network calls are generic fetch operations expected for AI assistant functionality
  • Extension purpose matches observed behavior

False Positive Considerations

  • XIOC property access chain extraction (e.target, panel.id, window.open)
  • IPv6 fragment false positives (::bef)
  • Code-smell YARA rules (low severity)
  • Generic fetch calls without specific domain information
