Is "Feedly Mini" on Firefox Add-ons Safe to Install?

Feedly · firefox · v1.0.12

Easily add content to your Feedly while browsing. One million Feedly users rely on Feedly Mini to quickly add new sources to their feeds and save essential articles to their boards.

Saving insightful articles to your boards allows you to share and shine with your team and train Leo. The more articles you save to a board, the greater the accuracy of Leo’s like board priorities. If you have access to the annotation features, you will be able to add a note to the article you are saving to your boards. If you are part of Feedly Teams and have connected Feedly Teams with Slack, you will be able to mention a teammate or a Slack channel directly in Feedly Mini and quickly notify your teammates.

Let’s imagine that you are browsing the Web and you discover a new source you want to follow in Feedly. When you click on the Feedly Mini icon, Feedly Mini will automatically discover the RSS feed for the page you are reading and show you a popup with information about that source. You can click on Follow in Feedly to preview the RSS in Feedly and add it to one of your feeds. You can also click on Explore to tap into the collective wisdom of the Feedly community and determine which sources users often co-read with the source you are looking at. No more having to look at the source page to find an RSS URL and manually search for that URL to be able to add it to one of your feeds.

This is the first step for us to bring some of the work we are doing with Leo and discovery to Feedly Mini. Let us know what you think by joining the Feedly Lab Slack community and expect to see more in the next three to six months as Leo matures.

Risk Assessment

Pending · 0 out of 100 · MINIMAL

0 security findings detected across all analyzers

Firefox extension requesting 6 permissions

No Threats Detected

This extension passed all security checks

No Findings

All security checks passed

AI Security Report

AI Security Analysis: Feedly Mini

Analysis generated: 2025-12-12T20:17:35+13:00
Model: gemini-3-pro-preview


Quick Facts

Property: Value
UUID: 71e2e32e-86ff-567a-9796-c036e0f44992
Type: firefox
Version:
Users: 1561
Risk Score: 100.0/100 (CRITICAL)
Malware Detected: ⚠️ Yes
Secrets Exposed: ✅ No
Critical Vulns: ✅ No

AI Analysis

Executive Summary

DO NOT INSTALL / UNINSTALL IMMEDIATELY.
This extension poses a CRITICAL security risk and exhibits multiple characteristics of malicious software. The analysis indicates a high probability that this is a fake or compromised version of "Feedly Mini," evidenced by an unverified publisher status, a suspiciously low user count (1,561), and 83 specific malware signatures indicating capabilities to modify system registries, execute system commands, and establish persistence.

Threat Assessment

The security posture of this extension is non-existent (Trust Score: 0/100). The analysis reveals a severe threat profile:

  • Impersonation Risk: The extension claims to be "Feedly Mini" but is published by an unverified developer. The legitimate Feedly user base is in the millions; a user count of 1,561 strongly suggests this is a malicious clone designed to deceive users.
  • Malware Capabilities: The YARA rules triggered (postinstall_...) are highly specific and concerning. They suggest the presence of malicious scripts often associated with supply chain attacks (e.g., compromised npm packages bundled into the extension).
  • System-Level Impact: Unlike typical privacy-invasive extensions that only track browsing, this extension contains signatures for Registry Modification and System Command Execution. This implies the extension attempts to break out of the browser sandbox to affect the underlying operating system.
  • Dropper Behavior: The presence of postinstall_file_download and postinstall_file_manipulation suggests the extension may act as a "dropper," downloading and installing additional malicious payloads after the initial installation.

Risk Justification

Risk Score: 100.0/100 (CRITICAL) is fully justified and accurate.

  1. Severity of Indicators: The findings are not merely "bad practices" (like using eval()); they are active malware signatures. The presence of persistence_mechanism and registry_modification elevates this from a browser threat to a full system compromise threat.
  2. Volume of Findings: 2,634 total findings with 88 HIGH severity issues indicates a codebase that is fundamentally unsafe or heavily comprised of malicious libraries.
  3. Lack of Accountability: The "Verified Publisher: false" status removes any chain of trust.

Key Findings

  • Malware Signature - Registry Modification: (Finding #18) The extension contains code capable of modifying the Windows Registry. Legitimate browser extensions rarely, if ever, require this capability.
  • Malware Signature - System Command Execution: (Finding #10, #19, #26) Indicators show the extension can execute shell commands on the host operating system, presenting a Remote Code Execution (RCE) risk.
  • Malware Signature - Persistence Mechanism: (Finding #27) The code contains logic designed to ensure the malware survives browser restarts or attempts at removal.
  • Malware Signature - File Download/Dropper: (Finding #1, #7, #17) The extension appears capable of silently downloading and executing external files.
  • Unverified Publisher & Low User Count: The metadata contradicts the profile of the legitimate Feedly brand, confirming a likely impersonation attack.

Recommendations

  1. Immediate Removal: If installed, uninstall this extension immediately.
  2. System Remediation: Because findings indicate "Registry Modification" and "Persistence Mechanisms," a simple uninstall may not be sufficient. Run a full anti-malware scan on the host endpoint to detect any dropped payloads.
  3. Credential Rotation: Assume all data accessed via the browser (passwords, session tokens) while this extension was active has been compromised. Rotate credentials for sensitive accounts.
  4. Blocklist: Add UUID 71e2e32e-86ff-567a-9796-c036e0f44992 to the organization's browser policy blocklist.
  5. Report: Report the extension to the Firefox Add-ons store as malicious/impersonation.

Mitigation Strategies

There is no safe way to use this extension.
Given the presence of malware signatures related to system commands and registry modification, "mitigation" is not applicable. The risk cannot be reduced by restricting permissions because the malicious code is embedded within the extension's files. The only mitigation is total avoidance.

Confidence Assessment

Confidence: 80%
The analysis is based on static analysis and YARA signature matching. While YARA rules can occasionally produce false positives, the combination of specific "postinstall" malware signatures, the unverified publisher status, and the suspicious user count creates a convergence of evidence that makes the "Malicious" verdict highly reliable. The specific rule names (postinstall_...) strongly resemble signatures for known malicious packages often found in the JavaScript/npm ecosystem.


Disclaimer

This analysis was generated by an AI model and should be reviewed by security professionals. The findings are based on automated security scanning and may include false positives. Always verify critical findings manually before taking action.
