Is "Juejin Notifier - 掘金通知小助手" on Chrome Web Store Safe to Install?

[email protected] · chrome · v1.0.1

方便及时的获取掘金(juejin.cn)消息通知。 Juejin Notifier - 掘金消息通知小助手:是专门为掘友设计的一款Chrome扩展工具,通过掘金的官方 API 获取消息通知,并及时的通知您。 特点: ● 代码开源:开源透明,社区支持。仓库地址:https://github.com/fthux/JuejinNotifier ● 实时通知:及时获取多类新消息。 ● 系统通知:使用桌面系统通知提醒。 ● 快速预览:查看对应的消息通知数量。 ● 个性化:可忽略对应种类的消息,自定义刷新时间间隔。 ● 多主题:可以跟随系统切换主题颜色,也可以自定义浅色主题或深色主题。 如何使用: 1、安装扩展。 2、点击扩展的“前往登录”按钮,浏览器会自动打开掘金官网juejin.cn,登录掘金账号,在打开的掘金页面点击扩展,扩展会自动获取您的登录信息。 3、等待消息通知。 小技巧: ● 如果不想收到某类消息通知,可以在扩展中对应的消息后点击忽略。 ● 可以切换自动刷新的时间间隔。 ● 也可以手动刷新。 ● 默认主题会跟随系统,也可以在扩展中手动切换。 提示:Juejin Notifier 使用的是掘金的官方 API,但并不是掘金的官方产品。您的所有信息都只存储在您的电脑中,Juejin Notifier 不会上传任何信息,请您放心食用。

Risk Assessment

Analyzed
66.72
out of 100
HIGH

49 security findings detected across all analyzers

Chrome extension requesting 7 permissions

Severity Breakdown

0
Critical
0
High
39
Medium
10
Low
0
Info

Finding Categories

2
Network
35
IoC Indicators

YARA Rules Matched

5 rules(10 hits)
postinstall network communication postinstall system command postinstall file manipulation postinstall crypto operations postinstall file download

Requested Permissions

7 permissions
tabs
Medium
storage
Low
alarms
Low
notifications
Low
*://juejin.cn/*
Low
*://juejin.im/*
Low
*://api.juejin.cn/*
Low

About This Extension

方便及时的获取掘金(juejin.cn)消息通知。 Juejin Notifier - 掘金消息通知小助手:是专门为掘友设计的一款Chrome扩展工具,通过掘金的官方 API 获取消息通知,并及时的通知您。 特点: ● 代码开源:开源透明,社区支持。仓库地址:https://github.com/fthux/JuejinNotifier ● 实时通知:及时获取多类新消息。 ● 系统通知:使用桌面系统通知提醒。 ● 快速预览:查看对应的消息通知数量。 ● 个性化:可忽略对应种类的消息,自定义刷新时间间隔。 ● 多主题:可以跟随系统切换主题颜色,也可以自定义浅色主题或深色主题。 如何使用: 1、安装扩展。 2、点击扩展的“前往登录”按钮,浏览器会自动打开掘金官网juejin.cn,登录掘金账号,在打开的掘金页面点击扩展,扩展会自动获取您的登录信息。 3、等待消息通知。 小技巧: ● 如果不想收到某类消息通知,可以在扩展中对应的消息后点击忽略。 ● 可以切换自动刷新的时间间隔。 ● 也可以手动刷新。 ● 默认主题会跟随系统,也可以在扩展中手动切换。 提示:Juejin Notifier 使用的是掘金的官方 API,但并不是掘金的官方产品。您的所有信息都只存储在您的电脑中,Juejin Notifier 不会上传任何信息,请您放心食用。

Detailed Findings

13 total

YARA Rule Matches

5 rules

Indicators of Compromise

Network indicators, suspicious strings, and potential IoCs extracted during analysis

URLs
13
IP Addresses
4
Domains
18
Strings
35

All Indicators · 35

IP
detected IP: ::

XIOC detected IP: ::

extracted_from_files

Domain
detected Domain: v.ee

XIOC detected Domain: v.ee

extracted_from_files

URL
detected URL: https://juejin.cn/'

XIOC detected URL: https://juejin.cn/'

extracted_from_files

URL
detected URL: https://juejin.cn/notification'

XIOC detected URL: https://juejin.cn/notification'

extracted_from_files

URL
detected URL: https://fthux.com'

XIOC detected URL: https://fthux.com'

extracted_from_files

URL
detected URL: https://github.com/fthux/JuejinNotifier'

XIOC detected URL: https://github.com/fthux/JuejinNotifier'

extracted_from_files

URL
detected URL: https://chromewebstore.google.com/detail/juejin-notifier/nnlnnlnmombhnpcpobgpibaafcehejnp/reviews'

XIOC detected URL: https://chromewebstore.google.com/detail/juejin-notifier/nnlnnlnmombhnpcpobgpibaafcehejnp/reviews'

extracted_from_files

URL
detected URL: https://github.com/fthux/JuejinNotifier/issues'

XIOC detected URL: https://github.com/fthux/JuejinNotifier/issues'

extracted_from_files

URL
detected URL: https://api.juejin.cn/interact_api/v1/message/count?uuid=$

XIOC detected URL: https://api.juejin.cn/interact_api/v1/message/count?uuid=$

extracted_from_files

URL
detected URL: https://api.juejin.cn/user_api/v1/user/get?uuid=$

XIOC detected URL: https://api.juejin.cn/user_api/v1/user/get?uuid=$

extracted_from_files

URL
detected URL: http://ns.adobe.com/tiff/1.0/

XIOC detected URL: http://ns.adobe.com/tiff/1.0/

extracted_from_files

URL
detected URL: http://ns.adobe.com/exif/1.0/

XIOC detected URL: http://ns.adobe.com/exif/1.0/

extracted_from_files

URL
detected URL: https://clients2.google.com/service/update2/crx

XIOC detected URL: https://clients2.google.com/service/update2/crx

extracted_from_files

Domain
detected Domain: t.im

XIOC detected Domain: t.im

extracted_from_files

Domain
detected Domain: g.re

XIOC detected Domain: g.re

extracted_from_files

Domain
detected Domain: clients2.google.com

XIOC detected Domain: clients2.google.com

extracted_from_files

Domain
detected Domain: fthux.com

XIOC detected Domain: fthux.com

extracted_from_files

Domain
detected Domain: github.com

XIOC detected Domain: github.com

extracted_from_files

Domain
detected Domain: chromewebstore.google.com

XIOC detected Domain: chromewebstore.google.com

extracted_from_files

Domain
detected Domain: refreshbtn.click

XIOC detected Domain: refreshbtn.click

extracted_from_files

Domain
detected Domain: tab.id

XIOC detected Domain: tab.id

extracted_from_files

Domain
detected Domain: data.data

XIOC detected Domain: data.data

extracted_from_files

Domain
detected Domain: www.w3.org

XIOC detected Domain: www.w3.org

extracted_from_files

Domain
detected Domain: ns.adobe.com

XIOC detected Domain: ns.adobe.com

extracted_from_files

Domain
detected Domain: ld.am

XIOC detected Domain: ld.am

extracted_from_files

Domain
detected Domain: 7.cy

XIOC detected Domain: 7.cy

extracted_from_files

URL
detected URL: http://www.w3.org/1999/02/22-rdf-syntax-ns#

XIOC detected URL: http://www.w3.org/1999/02/22-rdf-syntax-ns#

extracted_from_files

IP
detected IP: ::c

XIOC detected IP: ::c

extracted_from_files

IP
detected IP: 4::

XIOC detected IP: 4::

extracted_from_files

IP
detected IP: 9::0

XIOC detected IP: 9::0

extracted_from_files

Domain
detected Domain: api.juejin.cn

XIOC detected Domain: api.juejin.cn

extracted_from_files

Domain
detected Domain: alarm.name

XIOC detected Domain: alarm.name

extracted_from_files

Domain
detected Domain: juejin.cn

XIOC detected Domain: juejin.cn

extracted_from_files

Domain
detected Domain: juejin.im

XIOC detected Domain: juejin.im

extracted_from_files

URL
detected URL: http://www.w3.org/2000/svg

XIOC detected URL: http://www.w3.org/2000/svg

extracted_from_files

Security Analysis Summary

Security Analysis Overview

Juejin Notifier - 掘金通知小助手 is a Chrome Web Store extension published by [email protected]. Version 1.0.1 has been analyzed by the Risky Plugins security platform, receiving a risk score of 66.72/100 (HIGH risk) based on 49 security findings.

Risk Assessment

This extension presents high security risk. Significant concerns were identified during analysis. It is not recommended for use in sensitive or production environments without thorough review.

Findings Breakdown

  • Medium: 39 finding(s)
  • Low: 10 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

  • Malware Detection: YARA rule matching against 2,400+ malware signatures
  • Secret Detection: Scanning for exposed API keys, tokens, and credentials
  • Static Analysis: Code-level security analysis for common vulnerability patterns
  • Network Analysis: Detection of suspicious network communications and endpoints
  • Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

Juejin Notifier - 掘金通知小助手 is published by [email protected] on the Chrome Web Store marketplace. The extension has approximately 5 users.

Recommendation

This extension is not recommended for installation without thorough manual review. Consider alternatives with lower risk scores, or contact the developer to address the identified security concerns.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

页面伪装者 (保护隐私)

[email protected]

HIGH 2 users

Send to NotebookLM

[email protected]

CRITICAL 296 users

Chat AI - Chat GPT 5 on all sites

[email protected]

CRITICAL 6K users

SensePage

[email protected]

CRITICAL

Auto Gmail - ChatGPT AI for email inbox

[email protected]

CRITICAL 1K users

Page Locker

[email protected]

CRITICAL 137 users