About ChromeBoard
ChromeBoard is an independent security analysis platform for Chrome extensions. We download actual extension source code and run it through local AI models to produce plain-English security reports — permissions explained, code patterns flagged, external connections identified.
No scores. No verdicts. Just facts and context so you can make your own decision.
How It Works
- We index Chrome extensions from the Chrome Web Store — over 250,000 and counting.
- When an extension is queued (by us or by a user request), we download its .crx package.
- We extract and scan the source code: permissions, JavaScript patterns, external domains.
- A local AI model generates a structured, human-readable security analysis.
- The code is discarded after analysis. We store only the report and scan metadata.
The AI Stack
Reports are generated by open-source large language models running entirely on our own hardware — no data leaves our servers, no third-party AI APIs are used. This keeps costs low and privacy intact, but it also means scans take a few minutes per extension.
We're actively looking for sponsors to help fund AI compute — faster hardware would mean faster scans and more coverage.
What We Cover
- 250,000+ Chrome extensions indexed from the Web Store
- Growing library of AI-generated security reports
- Permissions explained in plain English
- External network connections identified per extension
- Code pattern detection (eval, dynamic execution, keyboard listeners, etc.)
- Version tracking — new extension versions trigger automatic rescans
- User-requested scans via any extension page
Contact
Questions, feedback, partnership, or want your extension featured? Contact us.
Disclaimer
ChromeBoard is an independent project and is not affiliated with, endorsed by, or sponsored by Google. All extension data is sourced from publicly available information on the Chrome Web Store. Security reports are generated by AI models and should not be treated as professional security audits. Chrome™ is a trademark of Google LLC.