Is Tera Reply safe to use?

Tera Reply has a security risk score of 62.85/100 (MEDIUM risk). Our security analysis detected 135 findings. Review the detailed security assessment below to understand the specific risks before installation.

What are the security risks of Tera Reply?

Based on our automated security analysis, Tera Reply presents medium risk level. The extension is analyzed for malware patterns, secret exposure, network communications, permissions, and supply chain vulnerabilities.

How is the security score calculated?

Risky Plugins calculates security scores using weighted categories: severity of findings (25 points max), malware detections (35 points), secret exposure (28 points), network communications (10 points), and obfuscation (10 points). Scores range from 0-100, with higher scores indicating greater risk.

What does CRITICAL, HIGH, MEDIUM, LOW, MINIMAL risk mean?

CRITICAL (80-100): Severe security issues like malware. HIGH (60-79): Significant vulnerabilities. MEDIUM (40-59): Moderate security concerns. LOW (20-39): Minor issues. MINIMAL (0-19): Very low risk. Always review findings before installing any extension.

Is "Tera Reply" on Chrome Web Store Safe to Install?

[email protected] · chrome · v1.0.0

【アプリ名】 Tera Reply - AIがあなたの分身に (Gemini API) 【概要】 AI（Gemini API）があなたの分身に。あなたを覚えて、相手を覚えて、返信コメントを作成します。【詳細説明】「Tera Reply」は、あなたの個性と文脈を学習し、相手に合わせた最適な返信を瞬時に生成する、Google Gemini APIを活用したChrome拡張機能です。 SNS、メール、チャットでの返信に悩む時間をゼロにしませんか？「Tera Reply」は、単なる定型文ツールではありません。あなたの「口調（ペルソナ）」と、相手との「関係性（コンテキスト）」を設定することで、まるであなたが考えたような、しかしより洗練された返信案を提案します。 ■ 主な機能 1. あなたの分身を作成（Me - Persona）あなたの肩書き、口調、大切にしている価値観を設定できます。「プロフェッショナル」「フレンドリー」「ユーモラス」など、TPOに合わせた使い分けが可能になります。 2. 相手を知る（Target - Persona）よくやり取りする相手（上司、クライアント、友人など）を登録できます。相手との過去の文脈や、対話の目的（信頼構築、契約獲得など）を記憶させることができます。 3. コンテキスト認識AI Webページ上のテキストを選択して右クリックするだけで、その文脈を読み取り、最適な返信を生成します。 Googleの最新AIモデル「Gemini 3.0 / 2.5」シリーズに対応。 4. プライバシーファーストすべての設定データはブラウザ内に保存され、外部サーバーには送信されません。（AI生成時のみGoogleのAPIを経由しますが、データは学習に使用されません ※API利用規約に準拠） -------------------------------------------------- ■ 使い方（3ステップで完了） 1. 初期設定拡張機能をインストールしたら、アイコンをクリックして「一般設定」を開きます。・APIキーの設定: Google AI Studioから取得したAPIキーを入力します。・モデル選択: デフォルトは高速・高精度の Gemini 2.5 Flash ですが、より高度な思考が必要な場合は Gemini 3.0 Pro も選択可能です。 2. ペルソナとターゲットの登録・返信者ペルソナ: あなた自身の情報を入力します。（例：「エンジニア、論理的かつ丁寧」）・返信先ペルソナ: 相手の情報を登録します。（例：「田中部長、決裁権者、簡潔な報告を好む」） 3. 返信の生成 (1) 返信したいテキスト（メール本文やSNSの投稿など）をコピー（Ctrl+C）します。 (2) Tera Replyを開き、サイドパネルで「返信したい相手」を選択します。 (3) サイドパネル内の「返信したい内容の入力欄」にペースト、返信したい感情をクリックすると、AIが生成した返信案が表示されます。 (4) 内容を確認し、コピーボタン押して完了です。 ■ 対応モデル・Gemini 3.0 Pro / Flash (Latest) ・Gemini 2.5 Pro / Flash / Flash-Lite ・Gemini 2.0 Flash -------------------------------------------------- ※本拡張機能を利用するには、Google AI StudioのAPIキー（無料枠あり）が必要です。

Risk Assessment

Analyzed

62.85

out of 100

MEDIUM

135 security findings detected across all analyzers

Chrome extension requesting 2 permissions

Severity Breakdown

Critical

High

117

Medium

Low

Info

Finding Categories

Network

108

IoC Indicators

YARA Rules Matched

10 rules(18 hits)

postinstall obfuscation LocalStorageShouldNotBeUsed postinstall file manipulation postinstall network communication postinstall file download postinstall system command NoUseWeakRandom postinstall crypto operations postinstall environment access AlertStatementsShouldNotBeUsed

Requested Permissions

2 permissions

storage

Low

sidePanel

Low

About This Extension

Detailed Findings

20 total

YARA Rule Matches

10 rules

Indicators of Compromise

Network indicators, suspicious strings, and potential IoCs extracted during analysis

URLs

IP Addresses

Domains

Strings

108

All Indicators · 108

detected IP: ::bac

XIOC detected IP: ::bac

extracted_from_files

Domain

detected Domain: n.call

XIOC detected Domain: n.call

extracted_from_files

URL

detected URL: http://www.w3.org/1999/xlink

XIOC detected URL: http://www.w3.org/1999/xlink

extracted_from_files

URL

detected URL: http://www.w3.org/2000/svg

XIOC detected URL: http://www.w3.org/2000/svg

extracted_from_files

URL

detected URL: http://www.w3.org/1998/Math/MathML

XIOC detected URL: http://www.w3.org/1998/Math/MathML

extracted_from_files

URL

detected URL: https://generativelanguage.googleapis.com/v1beta/models

XIOC detected URL: https://generativelanguage.googleapis.com/v1beta/models

extracted_from_files

URL

detected URL: https://makersuite.google.com/app/apikey

XIOC detected URL: https://makersuite.google.com/app/apikey

extracted_from_files

URL

detected URL: https://clients2.google.com/service/update2/crx

XIOC detected URL: https://clients2.google.com/service/update2/crx

extracted_from_files

Domain

detected Domain: s.me

XIOC detected Domain: s.me

extracted_from_files

Domain

detected Domain: clients2.google.com

XIOC detected Domain: clients2.google.com

extracted_from_files

URL

detected URL: https://react.dev/errors/

XIOC detected URL: https://react.dev/errors/

extracted_from_files

Domain

detected Domain: a.me

XIOC detected Domain: a.me

extracted_from_files

Domain

detected Domain: r.name

XIOC detected Domain: r.name

extracted_from_files

Domain

detected Domain: s.id

XIOC detected Domain: s.id

extracted_from_files

Domain

detected Domain: c.map

XIOC detected Domain: c.map

extracted_from_files

Domain

detected Domain: l.download

XIOC detected Domain: l.download

extracted_from_files

Domain

detected Domain: l.click

XIOC detected Domain: l.click

extracted_from_files

Domain

detected Domain: t.click

XIOC detected Domain: t.click

extracted_from_files

Domain

detected Domain: d.id

XIOC detected Domain: d.id

extracted_from_files

Domain

detected Domain: k.id

XIOC detected Domain: k.id

extracted_from_files

Domain

detected Domain: n.name

XIOC detected Domain: n.name

extracted_from_files

Domain

detected Domain: s.name

XIOC detected Domain: s.name

extracted_from_files

Domain

detected Domain: t.map

XIOC detected Domain: t.map

extracted_from_files

Domain

detected Domain: l.next

XIOC detected Domain: l.next

extracted_from_files

Domain

detected Domain: makersuite.google.com

XIOC detected Domain: makersuite.google.com

extracted_from_files

Domain

detected Domain: a.id

XIOC detected Domain: a.id

extracted_from_files

Domain

detected Domain: generativelanguage.googleapis.com

XIOC detected Domain: generativelanguage.googleapis.com

extracted_from_files

Domain

detected Domain: u.parts

XIOC detected Domain: u.parts

extracted_from_files

Domain

detected Domain: z.map

XIOC detected Domain: z.map

extracted_from_files

Domain

detected Domain: t.me

XIOC detected Domain: t.me

extracted_from_files

Domain

detected Domain: m.map

XIOC detected Domain: m.map

extracted_from_files

Domain

detected Domain: a.media

XIOC detected Domain: a.media

extracted_from_files

Domain

detected Domain: mn.call

XIOC detected Domain: mn.call

extracted_from_files

Domain

detected Domain: this.next

XIOC detected Domain: this.next

extracted_from_files

Domain

detected Domain: n.info

XIOC detected Domain: n.info

extracted_from_files

Domain

detected Domain: chrome.storage

XIOC detected Domain: chrome.storage

extracted_from_files

Domain

detected Domain: u.me

XIOC detected Domain: u.me

extracted_from_files

Domain

detected Domain: it.me

XIOC detected Domain: it.me

extracted_from_files

Domain

detected Domain: au.next

XIOC detected Domain: au.next

extracted_from_files

Domain

detected Domain: l.id

XIOC detected Domain: l.id

extracted_from_files

Domain

detected Domain: m.target

XIOC detected Domain: m.target

extracted_from_files

Domain

detected Domain: p.data

XIOC detected Domain: p.data

extracted_from_files

Domain

detected Domain: e.target

XIOC detected Domain: e.target

extracted_from_files

Domain

detected Domain: a.data

XIOC detected Domain: a.data

extracted_from_files

Domain

detected Domain: u.media

XIOC detected Domain: u.media

extracted_from_files

Domain

detected Domain: a.is

XIOC detected Domain: a.is

extracted_from_files

Domain

detected Domain: l.events

XIOC detected Domain: l.events

extracted_from_files

Domain

detected Domain: u.property

XIOC detected Domain: u.property

extracted_from_files

Domain

detected Domain: n.style

XIOC detected Domain: n.style

extracted_from_files

Domain

detected Domain: i.memoizedprops.style

XIOC detected Domain: i.memoizedprops.style

extracted_from_files

Domain

detected Domain: n.id

XIOC detected Domain: n.id

extracted_from_files

Domain

detected Domain: s.top

XIOC detected Domain: s.top

extracted_from_files

Domain

detected Domain: ul.next

XIOC detected Domain: ul.next

extracted_from_files

Domain

detected Domain: a.data.map

XIOC detected Domain: a.data.map

extracted_from_files

Domain

detected Domain: v.next

XIOC detected Domain: v.next

extracted_from_files

Domain

detected Domain: a.next

XIOC detected Domain: a.next

extracted_from_files

Domain

detected Domain: e.data

XIOC detected Domain: e.data

extracted_from_files

Domain

detected Domain: t.events

XIOC detected Domain: t.events

extracted_from_files

Domain

detected Domain: u.compare

XIOC detected Domain: u.compare

extracted_from_files

Domain

detected Domain: n.next

XIOC detected Domain: n.next

extracted_from_files

Domain

detected Domain: u.next

XIOC detected Domain: u.next

extracted_from_files

Domain

detected Domain: i.next

XIOC detected Domain: i.next

extracted_from_files

Domain

detected Domain: o.next

XIOC detected Domain: o.next

extracted_from_files

Domain

detected Domain: z.call

XIOC detected Domain: z.call

extracted_from_files

Domain

detected Domain: h.next

XIOC detected Domain: h.next

extracted_from_files

Domain

detected Domain: n.events

XIOC detected Domain: n.events

extracted_from_files

Domain

detected Domain: a.name

XIOC detected Domain: a.name

extracted_from_files

Domain

detected Domain: c.next

XIOC detected Domain: c.next

extracted_from_files

Domain

detected Domain: mt.next

XIOC detected Domain: mt.next

extracted_from_files

Domain

detected Domain: object.prototype.tostring.call

XIOC detected Domain: object.prototype.tostring.call

extracted_from_files

Domain

detected Domain: d.next

XIOC detected Domain: d.next

extracted_from_files

Domain

detected Domain: a.call

XIOC detected Domain: a.call

extracted_from_files

Domain

detected Domain: t.next

XIOC detected Domain: t.next

extracted_from_files

Domain

detected Domain: l.data

XIOC detected Domain: l.data

extracted_from_files

Domain

detected Domain: t.data

XIOC detected Domain: t.data

extracted_from_files

Domain

detected Domain: object.is

XIOC detected Domain: object.is

extracted_from_files

Domain

detected Domain: t.target

XIOC detected Domain: t.target

extracted_from_files

Domain

detected Domain: e.next

XIOC detected Domain: e.next

extracted_from_files

Domain

detected Domain: f.next

XIOC detected Domain: f.next

extracted_from_files

Domain

detected Domain: t.id

XIOC detected Domain: t.id

extracted_from_files

Domain

detected Domain: e.id

XIOC detected Domain: e.id

extracted_from_files

Domain

detected Domain: l.style

XIOC detected Domain: l.style

extracted_from_files

Domain

detected Domain: l.target

XIOC detected Domain: l.target

extracted_from_files

Domain

detected Domain: u.name

XIOC detected Domain: u.name

extracted_from_files

Domain

detected Domain: e.name

XIOC detected Domain: e.name

extracted_from_files

Domain

detected Domain: this.target

XIOC detected Domain: this.target

extracted_from_files

Domain

detected Domain: date.now

XIOC detected Domain: date.now

extracted_from_files

Domain

detected Domain: t.media

XIOC detected Domain: t.media

extracted_from_files

Domain

detected Domain: l.name

XIOC detected Domain: l.name

extracted_from_files

Domain

detected Domain: t.name

XIOC detected Domain: t.name

extracted_from_files

Domain

detected Domain: g.call

XIOC detected Domain: g.call

extracted_from_files

Domain

detected Domain: l.call

XIOC detected Domain: l.call

extracted_from_files

Domain

detected Domain: pf.call

XIOC detected Domain: pf.call

extracted_from_files

Domain

detected Domain: e.call

XIOC detected Domain: e.call

extracted_from_files

Domain

detected Domain: t.call

XIOC detected Domain: t.call

extracted_from_files

Domain

detected Domain: ay.call

XIOC detected Domain: ay.call

extracted_from_files

Domain

detected Domain: e.id-n.id

XIOC detected Domain: e.id-n.id

extracted_from_files

Domain

detected Domain: performance.now

XIOC detected Domain: performance.now

extracted_from_files

Domain

detected Domain: n.now

XIOC detected Domain: n.now

extracted_from_files

Domain

detected Domain: f.now

XIOC detected Domain: f.now

extracted_from_files

Domain

detected Domain: t.as

XIOC detected Domain: t.as

extracted_from_files

detected IP: ::

XIOC detected IP: ::

extracted_from_files

detected IP: ea::

XIOC detected IP: ea::

extracted_from_files

Domain

detected Domain: react.dev

XIOC detected Domain: react.dev

extracted_from_files

Domain

detected Domain: www.w3.org

XIOC detected Domain: www.w3.org

extracted_from_files

Domain

detected Domain: object.prototype.hasownproperty.call

XIOC detected Domain: object.prototype.hasownproperty.call

extracted_from_files

Domain

detected Domain: i.call

XIOC detected Domain: i.call

extracted_from_files

Domain

detected Domain: r.map

XIOC detected Domain: r.map

extracted_from_files

Security Analysis Summary

Security Analysis Overview

Tera Reply is a Chrome Web Store extension published by [email protected]. Version 1.0.0 has been analyzed by the Risky Plugins security platform, receiving a risk score of 62.85/100 (MEDIUM risk) based on 135 security findings.

Risk Assessment

This extension presents high security risk. Significant concerns were identified during analysis. It is not recommended for use in sensitive or production environments without thorough review.

Findings Breakdown

Medium: 117 finding(s)
Low: 18 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

Malware Detection: YARA rule matching against 2,400+ malware signatures
Secret Detection: Scanning for exposed API keys, tokens, and credentials
Static Analysis: Code-level security analysis for common vulnerability patterns
Network Analysis: Detection of suspicious network communications and endpoints
Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

Tera Reply is published by [email protected] on the Chrome Web Store marketplace. The extension has approximately 1 users.

Recommendation

This extension is not recommended for installation without thorough manual review. Consider alternatives with lower risk scores, or contact the developer to address the identified security concerns.

Source Code Viewer

Source Code Not Available

Source code is not available for this version of the extension.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

Tera Writer

[email protected]

CRITICAL 2 users

Tera Assistant

[email protected]

MEDIUM

Research Notes

[email protected]

CRITICAL 2K users

RoTrade - Roblox Trading Automated

[email protected]

CRITICAL 95 users

PubMed Citation Bar

[email protected]

CRITICAL 545 users

Cover-Letter-AI

[email protected]

CRITICAL

Is "Tera Reply" on Chrome Web Store Safe to Install?

Risk Assessment

Severity Breakdown

Finding Categories

YARA Rules Matched

Requested Permissions

About This Extension

Detailed Findings

NET-FETCH-assets/index-BXR_sDif.js-1

NET-FETCH-assets/index.html-hWBP-jt3.js-7

YARA Rule Matches

postinstall obfuscation

LocalStorageShouldNotBeUsed

postinstall file manipulation

postinstall network communication

postinstall file download

postinstall system command

NoUseWeakRandom

postinstall crypto operations

postinstall environment access

AlertStatementsShouldNotBeUsed

Indicators of Compromise

All Indicators · 108

Security Analysis Summary

Security Analysis Overview

Risk Assessment

Findings Breakdown

What Was Analyzed

Developer Information

Recommendation

Frequently Asked Questions

Similar Extensions

Tera Writer

Tera Assistant

Research Notes

RoTrade - Roblox Trading Automated

PubMed Citation Bar

Cover-Letter-AI