Is "Nodeblu" on Chrome Web Store Safe to Install?
Nodeblu helps you experiment with the Octoblu and Meshblu (formerly SkyNet.im) Internet of Things platforms by dragging, dropping, and wiring up various nodes connected to the platform! Nodeblu is Octoblu's fork of the popular NodeRED application from IBM. Since our app is deployed as a Chrome extension, we decided to add extra local features such as speech recognition and text-to-speech, a WebRTC webcam, HTML5 notifications, access to ChromeDB, a gamepad controller, and access to local and remote Arduino and Spark devices via our Microblu OS. You can run your Nodeblu flows on our servers by signing up for an Octoblu account today! For more information, please visit http://octoblu.com and http://skynet.im. #HackIoT
Risk Assessment
Analyzed3826 security findings detected across all analyzers
Chrome extension requesting 9 permissions
Severity Breakdown
Finding Categories
YARA Rules Matched
16 rules(955 hits)Requested Permissions
9 permissionsAbout This Extension
Detailed Findings
968 totalYARA Rule Matches
16 rulesIndicators of Compromise
Network indicators, suspicious strings, and potential IoCs extracted during analysis
All Indicators · 32
detected URL: https://coveralls.io/r/wearefractal/vinyl XIOC detected URL: https://coveralls.io/r/wearefractal/vinyl
extracted_from_files
detected Domain: request.data XIOC detected Domain: request.data
extracted_from_files
detected Domain: events.eventemitter.call XIOC detected Domain: events.eventemitter.call
extracted_from_files
detected Domain: board.firmware.name XIOC detected Domain: board.firmware.name
extracted_from_files
detected Domain: james.padolsey.com XIOC detected Domain: james.padolsey.com
extracted_from_files
detected Domain: eventemitter.prototype.off XIOC detected Domain: eventemitter.prototype.off
extracted_from_files
detected Domain: ieee754.read XIOC detected Domain: ieee754.read
extracted_from_files
detected Domain: arr.foo XIOC detected Domain: arr.foo
extracted_from_files
detected Domain: feross.org XIOC detected Domain: feross.org
extracted_from_files
detected Domain: msg.id XIOC detected Domain: msg.id
extracted_from_files
detected Domain: msg.name XIOC detected Domain: msg.name
extracted_from_files
detected Domain: n.property XIOC detected Domain: n.property
extracted_from_files
detected Domain: nf.show XIOC detected Domain: nf.show
extracted_from_files
detected Domain: exports.read XIOC detected Domain: exports.read
extracted_from_files
detected Domain: opts.pin XIOC detected Domain: opts.pin
extracted_from_files
detected Domain: modes.read XIOC detected Domain: modes.read
extracted_from_files
detected Domain: ghinda.net XIOC detected Domain: ghinda.net
extracted_from_files
detected Domain: blogs.msdn.com XIOC detected Domain: blogs.msdn.com
extracted_from_files
detected Domain: event.data.name XIOC detected Domain: event.data.name
extracted_from_files
detected Domain: server.app XIOC detected Domain: server.app
extracted_from_files
detected Domain: red.app XIOC detected Domain: red.app
extracted_from_files
detected Domain: rpc.id XIOC detected Domain: rpc.id
extracted_from_files
detected Domain: node.call XIOC detected Domain: node.call
extracted_from_files
detected Domain: www.mapbox.com XIOC detected Domain: www.mapbox.com
extracted_from_files
detected Domain: ci.appveyor.com XIOC detected Domain: ci.appveyor.com
extracted_from_files
detected Domain: api.travis-ci.org XIOC detected Domain: api.travis-ci.org
extracted_from_files
detected Domain: www.termsys.demon.co.uk XIOC detected Domain: www.termsys.demon.co.uk
extracted_from_files
detected Domain: kit.mit-license.org XIOC detected Domain: kit.mit-license.org
extracted_from_files
detected Domain: bestiejs.github.io XIOC detected Domain: bestiejs.github.io
extracted_from_files
detected Domain: mths.be XIOC detected Domain: mths.be
extracted_from_files
detected Domain: mapbox.com XIOC detected Domain: mapbox.com
extracted_from_files
detected Domain: tools.ietf.org XIOC detected Domain: tools.ietf.org
extracted_from_files
Security Analysis Summary
Security Analysis Overview
Nodeblu is a Chrome Web Store extension published by Unknown developer. Version 0.9.1 has been analyzed by the Risky Plugins security platform, receiving a risk score of 64.92/100 (MEDIUM risk) based on 3826 security findings.
Risk Assessment
This extension presents high security risk. Significant concerns were identified during analysis. It is not recommended for use in sensitive or production environments without thorough review.
Findings Breakdown
- High: 958 finding(s)
- Medium: 2868 finding(s)
What Was Analyzed
The security assessment covers multiple analysis categories:
- Malware Detection: YARA rule matching against 2,400+ malware signatures
- Secret Detection: Scanning for exposed API keys, tokens, and credentials
- Static Analysis: Code-level security analysis for common vulnerability patterns
- Network Analysis: Detection of suspicious network communications and endpoints
- Obfuscation Detection: Identification of code obfuscation techniques
Developer Information
Nodeblu is published by Unknown developer on the Chrome Web Store marketplace. The extension has approximately 77 users.
Recommendation
This extension is not recommended for installation without thorough manual review. Consider alternatives with lower risk scores, or contact the developer to address the identified security concerns.
Source Code Not Available
Source code is not available for this version of the extension.
Frequently Asked Questions
Similar Extensions
Related extensions from the same publisher or marketplace
KPN Password Manager
[email protected]
MAGgie - An AI Assistant
[email protected]
Aintivirus Privacy and Wallet
[email protected]
BugZap — Visual Bug Reporter
[email protected]
FormGenieAI
[email protected]
OmniChat
[email protected]