Is "WBin" on Chrome Web Store Safe to Install?
WBin — расширение для быстрого копирования и анализа данных из кабинета Wildberries и Ozon в один клик. Подходит для работы с рекламными кампаниями, статистикой, АСК, финансовыми отчетами и акциями: вы получаете таблицы с предпросмотром, копированием в буфер и выгрузкой в Excel. В разделе «Акции» доступен удобный массовый режим: выбор акций по статусам («Буду уч», «Доступна», «Участвую», «Пропускаю»), объединение товаров из нескольких акций в одну таблицу, автоматическое добавление колонок «ID акции» и «Название акции», а также копирование и сохранение общей таблицы. В разделе «Ozon цены» можно открыть таблицу цен текущей страницы, скопировать всю таблицу или только артикулы. WBin ускоряет ежедневную аналитику и делает работу с маркетплейсами точнее и удобнее. WBin is a browser extension for fast data copying and analysis from Wildberries and Ozon seller cabinets. It helps teams work with ad campaigns, campaign statistics, ASK analytics, financial reports, and promotions using ready-to-use tables with preview, clipboard copy, and Excel export. In the Promotions module, you can select campaigns by status (“Will participate”, “Available”, “Participating”, “Skipping”), combine products from multiple promotions into one unified table, automatically add “Promotion ID” and “Promotion Name” columns, then copy or export the final dataset. The Ozon Prices module lets you open the current page price table and copy either the full table or only product SKUs. WBin saves time and streamlines marketplace reporting workflows. Возможно вы искали: Wildberries расширение, аналитика Wildberries, копирование данных WB, статистика рекламных кампаний WB, АСК Wildberries, финансовые отчеты WB, акции Wildberries выгрузка товаров, объединение Excel по акциям, Ozon цены таблица, копировать артикулы Ozon, Chrome extension for Wildberries analytics, Wildberries ads statistics tool, WB campaign data export, promotions bulk export Wildberries, Ozon price table export
Risk Assessment
Analyzed16 security findings detected across all analyzers
Chrome extension requesting 11 permissions
Severity Breakdown
Finding Categories
Requested Permissions
11 permissionsIntercept, modify, and block all network requests
About This Extension
Detailed Findings
16 totalAI Security Report
AI Security Review
Risky Plugins reviewed this extension with an AI-assisted security workflow on 2026-04-28. The review verdict is likely false positive with 75% confidence.
Recommended action: suppress false positive.
Risk context: MEDIUM risk, score 53/100.
Evidence context: threat category none; evidence quality moderate.
This extension, named 'WBin' with the Russian description 'Скачивание данных, статистики, фин. отчетов с сайта Wildberries простым способом' (downloading data, statistics, financial reports from Wildberries), presents 16 findings that are all expected artifacts for its stated functionality.
The 15 network findings are generic fetch and xmlhttprequest calls detected in files like inject.js:107, inject.js:118, background.js:191, and finreport/scripts/reports.js:470. These are not flagged as suspicious domains or IPs—there are 0 IoC findings in the bundle. For an extension designed to scrape data from the Wildberries e-commerce platform, these network calls are the core functionality, not evidence of malicious behavior. The file paths (finreport/scripts/reports.js, modules/niche-analysis/niche_jam/niche_jam.js, promo/promo.js) align with legitimate data extraction and reporting features.
The single manifest finding, MANIFEST-SENSITIVE-PERM-TABS in manifest.json, is a medium-severity flag for the tabs permission. This permission is necessary for an extension that injects code into web pages (inject.js) to interact with Wildberries. While tabs is a sensitive permission, it is appropriate for the extension's declared purpose of scraping website data.
Critically, there are 0 malware signatures, 0 obfuscation findings, 0 code-smell findings, and 0 suspicious domains. The findings_summary explicitly shows "ioc":"0","malware-signature":"0","malware":"0","obfuscation":"0". These are the indicators that would signal actual malicious behavior, and their absence is decisive.
The strongest counterargument is the anonymous developer ([email protected]) and very low user count (44 users). A skeptic could argue that anonymous publishers with sensitive permissions warrant higher scrutiny. However, the evidence framework explicitly states that finding COUNT is not evidence and finding NATURE is evidence. The nature of every finding here is benign: generic network calls and a permission appropriate for the extension's function. Without malware signatures, obfuscation, or suspicious domains, the anonymous publisher alone does not constitute malicious behavior. The extension appears to be a niche tool for Russian e-commerce sellers, and the findings represent normal operation, not threat indicators.
Key Reasons
- Zero malware signatures detected in the entire bundle
- Zero obfuscation findings despite 16 total findings
- Zero suspicious domains or IoCs—network findings are generic fetch calls
- File paths align with legitimate Wildberries data-scraping functionality
- Tabs permission is appropriate for page injection use case
False Positive Considerations
- Generic network call detection on legitimate fetch/xmlhttprequest usage
- Sensitive permission flagging for tabs in a page-injection extension
- No actual IoC extraction—findings are function calls, not domains
Source Code Not Available
Source code is not available for this version of the extension.
Frequently Asked Questions
Similar Extensions
Related extensions from the same publisher or marketplace
Ship Xanh copy sản phẩm, nhân bản shop, hiển thị % phí sàn, lượt bán tháng
[email protected]
SVG to AVIF Converter [ShiftShift]
[email protected]
ChromeCompare
[email protected]
CAI Tools
[email protected]
Auto Gmail - ChatGPT AI for email inbox
[email protected]
EC Seller Tools
[email protected]