Is SP REST JSON safe to use?

SP REST JSON has a security risk score of 80.47/100 (HIGH risk). Our security analysis detected 43 findings. Review the detailed security assessment below to understand the specific risks before installation.

What are the security risks of SP REST JSON?

Based on our automated security analysis, SP REST JSON presents high risk level. The extension is analyzed for malware patterns, secret exposure, network communications, permissions, and supply chain vulnerabilities.

How is the security score calculated?

Risky Plugins calculates security scores using weighted categories: severity of findings (25 points max), malware detections (35 points), secret exposure (28 points), network communications (10 points), and obfuscation (10 points). Scores range from 0-100, with higher scores indicating greater risk.

What does CRITICAL, HIGH, MEDIUM, LOW, MINIMAL risk mean?

CRITICAL (80-100): Severe security issues like malware. HIGH (60-79): Significant vulnerabilities. MEDIUM (40-59): Moderate security concerns. LOW (20-39): Minor issues. MINIMAL (0-19): Very low risk. Always review findings before installing any extension.

Is "SP REST JSON" on Microsoft Edge Add-ons Safe to Install?

Name: SP REST JSON
Availability: InStock
Author: DDesch

DDesch · edge · v1.5.0

SP REST JSON modifies the accept property in the request header for SharePoint REST API calls to get the response in JSON format and to show it directly in Microsoft Edge instead of getting unformatted XML syntax.

Risk Assessment

Analyzed

80.47

out of 100

HIGH

43 security findings detected across all analyzers

Severity Breakdown

Critical

High

Medium

Low

Info

Finding Categories

Malware Signatures

IoC Indicators

YARA Rules Matched

4 rules(12 hits)

postinstall network communication postinstall file manipulation postinstall crypto operations postinstall obfuscation

Detailed Findings

25 total

YARA Rule Matches

4 rules

Indicators of Compromise

Network indicators, suspicious strings, and potential IoCs extracted during analysis

URLs

Domains

Strings

All Indicators · 18

Domain

detected Domain: mozilla.org

XIOC detected Domain: mozilla.org

extracted_from_files

URL

detected URL: http://mozilla.org/MPL/2.0/.

XIOC detected URL: http://mozilla.org/MPL/2.0/.

extracted_from_files

URL

detected URL: https://github.com/ddesch/SP-REST-JSON/tree/master/

XIOC detected URL: https://github.com/ddesch/SP-REST-JSON/tree/master/

extracted_from_files

URL

detected URL: https://edge.microsoft.com/extensionwebstorebase/v1/crx

XIOC detected URL: https://edge.microsoft.com/extensionwebstorebase/v1/crx

extracted_from_files

Domain

detected Domain: sourcexml.id

XIOC detected Domain: sourcexml.id

extracted_from_files

Domain

detected Domain: attributenode.name

XIOC detected Domain: attributenode.name

extracted_from_files

Domain

detected Domain: stylexml.id

XIOC detected Domain: stylexml.id

extracted_from_files

Domain

detected Domain: www.inkscape.org

XIOC detected Domain: www.inkscape.org

extracted_from_files

Domain

detected Domain: github.com

XIOC detected Domain: github.com

extracted_from_files

Domain

detected Domain: ev.target

XIOC detected Domain: ev.target

extracted_from_files

Other

detected Email: [email protected]

XIOC detected Email: [email protected]

extracted_from_files

Domain

detected Domain: gmx.de

XIOC detected Domain: gmx.de

extracted_from_files

Domain

detected Domain: tab.id

XIOC detected Domain: tab.id

extracted_from_files

Domain

detected Domain: console.info

XIOC detected Domain: console.info

extracted_from_files

Domain

detected Domain: objconnectedport.name

XIOC detected Domain: objconnectedport.name

extracted_from_files

Domain

detected Domain: activetab.id

XIOC detected Domain: activetab.id

extracted_from_files

Domain

detected Domain: divjson.id

XIOC detected Domain: divjson.id

extracted_from_files

Domain

detected Domain: style.id

XIOC detected Domain: style.id

extracted_from_files

Security Analysis Summary

Security Analysis Overview

SP REST JSON is a edge extension published by DDesch. Version 1.5.0 has been analyzed by the Risky Plugins security platform, receiving a risk score of 80.47/100 (HIGH risk) based on 43 security findings.

Risk Assessment

This extension presents critical security risk. Severe issues were detected, potentially including malware indicators, exposed secrets, or dangerous behaviors. Installation is strongly discouraged until these issues are addressed.

Findings Breakdown

High: 12 finding(s)
Medium: 18 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

Malware Detection: YARA rule matching against 2,400+ malware signatures
Secret Detection: Scanning for exposed API keys, tokens, and credentials
Static Analysis: Code-level security analysis for common vulnerability patterns
Network Analysis: Detection of suspicious network communications and endpoints
Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

SP REST JSON is published by DDesch on the edge marketplace.

Recommendation

This extension is not recommended for installation without thorough manual review. Consider alternatives with lower risk scores, or contact the developer to address the identified security concerns.

Source Code Viewer

Source Code Not Available

Source code is not available for this version of the extension.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

StackExchangeNotifications

Unknown Developer

CRITICAL

Reverse Image Search

Unknown Developer

CRITICAL

Atomseo Broken and Redirect Links Checker

Unknown Developer

CRITICAL

GPX File Viewer

Unknown Developer

CRITICAL

linkit

Unknown Developer

CRITICAL

Navo

Unknown Developer

CRITICAL

Risk Assessment

Severity Breakdown

Finding Categories

YARA Rules Matched

Detailed Findings

HASH-75d66eb4e72ccdca

HASH-0e7d5f5b2cb06d1c

HASH-2f342621723a62cb

HASH-4a8e820c56c0bd95

HASH-efb5970e3e927489

HASH-530e2fb0fd5778e9

HASH-f5486efef9b14c1a

HASH-0263c560d00d2814

HASH-a8b7e2eaddf39d2f

HASH-65d5510fbd0b4e7b

HASH-cf46167bc9f17069

HASH-e9083867f533e0a7

HASH-3363abe18c23fd37

YARA Rule Matches

postinstall network communication

postinstall file manipulation

postinstall crypto operations

postinstall obfuscation

Indicators of Compromise

All Indicators · 18

Security Analysis Summary

Security Analysis Overview

Risk Assessment

Findings Breakdown

What Was Analyzed

Developer Information

Recommendation

Frequently Asked Questions

Similar Extensions

StackExchangeNotifications

Reverse Image Search

Atomseo Broken and Redirect Links Checker

GPX File Viewer

linkit

Navo