影刀RPA

Name: Security Analysis: 影刀RPA
Item: 影刀RPA
Rating: 5
Author: ChromeBoard

🔍 Security Report Available

👥 800K+ users

📦 v3.1.0.0

💾 68.57KiB

📅 2025-11-10

View on Chrome Web Store

Chrome will indicate if you already have this installed.

Overview

影刀Chrome自动化插件

Privacy Practices

✓ Not being sold to third parties, outside of the approved use cases

✓ Not being used or transferred for purposes that are unrelated to the item's core functionality

✓ Not being used or transferred to determine creditworthiness or for lending purposes

v3.1.0.0 Info Scanned Mar 6, 2026

Security Analysis — 影刀RPA

Analyzed v3.1.0.0 · Mar 6, 2026 · 3 JS files · 457 KB scanned

Permissions

Code Patterns Detected

External Connections

github.com www.winrobot360.com

Package Contents 11 files · 471KB

▾📁_metadata2KB

{}verified_contents.json2KB

▾📁icons9KB

🖼shadow128.png4KB

🖼shadow16.png419B

🖼shadow32.png859B

🖼shadow48.png2KB

🖼shadow64.png2KB

📜Background.Static.js207KBlarge

🌐BackgroundPage.html2KB

📜BackgroundServiceWorker.js249KBlarge

📜Content.Static.js670B

{}manifest.json2KB

What This Extension Does

影刀rpa is a Chrome automation plugin that helps developers with productivity tasks. It has been installed by over 800,000 users. While it may be useful for its intended purpose, this report highlights potential security concerns related to its permissions and behavior.

Permissions Explained

cookiescheck this: This permission allows the extension to access browser cookies, which can include sensitive information like login credentials or personalization data.
Technical: The extension has access to chrome.cookies API, allowing it to read and modify cookies. This could be used for tracking user activity or stealing sensitive information. ⚠ 1
managementcheck this: This permission allows the extension to manage browser settings and extensions.
Technical: The extension has access to chrome.management API, allowing it to install, update, or remove other extensions. This could be used for malicious purposes like installing malware or hijacking user data. ⚠ 1
tabscheck this: This permission allows the extension to access and manipulate browser tabs.
Technical: The extension has access to chrome.tabs API, allowing it to create, update, or delete tabs. This could be used for malicious purposes like hijacking user browsing sessions or stealing sensitive information. ⚠ 1
debuggercheck this: This permission allows the extension to access and manipulate browser debugging tools.
Technical: The extension has access to chrome.debugger API, allowing it to inspect and modify browser code. This could be used for malicious purposes like injecting malware or stealing sensitive information. ⚠ 1
nativeMessagingcheck this: This permission allows the extension to communicate with native applications on the user's system.
Technical: The extension has access to chrome.nativeMessaging API, allowing it to send and receive messages with native apps. This could be used for malicious purposes like injecting malware or stealing sensitive information. ⚠ 1
<all_urls>check this: This permission allows the extension to access all URLs visited by the user, including those on secure (HTTPS) connections.
Technical: The extension has access to chrome.tabs API with <all_urls> permission, allowing it to read and modify any URL visited by the user. This could be used for malicious purposes like tracking user activity or stealing sensitive information. ⚠ 1
downloadscheck this: This permission allows the extension to access and manipulate browser downloads.
Technical: The extension has access to chrome.downloads API, allowing it to create, update, or delete downloads. This could be used for malicious purposes like hijacking user downloads or stealing sensitive information. ⚠ 1
scriptingcheck this: This permission allows the extension to execute scripts in the browser context.
Technical: The extension has access to chrome.scripting API, allowing it to inject and execute scripts in web pages. This could be used for malicious purposes like injecting malware or stealing sensitive information. ⚠ 1
storagecheck this: This permission allows the extension to access and manipulate browser storage.
Technical: The extension has access to chrome.storage API, allowing it to read and write data in browser storage. This could be used for malicious purposes like stealing sensitive information or tracking user activity. ⚠ 1
clipboardReadcheck this: This permission allows the extension to access clipboard content.
Technical: The extension has access to chrome.clipboard API, allowing it to read and modify clipboard content. This could be used for malicious purposes like stealing sensitive information or tracking user activity. ⚠ 1
clipboardWritecheck this: This permission allows the extension to write to the clipboard.
Technical: The extension has access to chrome.clipboard API, allowing it to modify clipboard content. This could be used for malicious purposes like injecting malware or stealing sensitive information. ⚠ 1

Your Data

The extension accesses browser cookies and clipboard content, which can include sensitive information like login credentials or personalization data. It also sends requests to github.com and www.winrobot360.com, which may be used for tracking user activity or stealing sensitive information.

Technical Details

The extension uses the following domains: github.com, www.winrobot360.com. It accesses browser cookies, clipboard content, and storage data. The extension also injects scripts into web pages using the chrome.scripting API.

Code Findings

Potential Hardcoded SecretMedium

The extension may contain a hardcoded secret, which could be used for malicious purposes like injecting malware or stealing sensitive information.

Technical: The extension contains a hardcoded string in one of its JavaScript files. This string is not clearly documented and may be used as a secret key or password.

💡 Hardcoded secrets are commonly used in legitimate extensions to authenticate with APIs or services.

Accesses Browser CookiesHigh

The extension accesses browser cookies, which can include sensitive information like login credentials or personalization data.

Technical: The extension uses the chrome.cookies API to read and modify cookies. This could be used for malicious purposes like tracking user activity or stealing sensitive information.

💡 Legitimate extensions may access browser cookies to provide features like password management or personalized recommendations.

Reads Clipboard ContentHigh

The extension reads clipboard content, which can include sensitive information like login credentials or personalization data.

Technical: The extension uses the chrome.clipboard API to read and modify clipboard content. This could be used for malicious purposes like tracking user activity or stealing sensitive information.

💡 Legitimate extensions may read clipboard content to provide features like text formatting or code completion.

Writes to ClipboardMedium

The extension writes to the clipboard, which could be used for malicious purposes like injecting malware or stealing sensitive information.

Technical: The extension uses the chrome.clipboard API to modify clipboard content. This could be used for malicious purposes like injecting malware or stealing sensitive information.

💡 Legitimate extensions may write to the clipboard to provide features like text formatting or code completion.

Bottom Line

Based on this report, we recommend that users exercise caution when installing and using the 影刀rpa extension. While it may be useful for its intended purpose, the extension's permissions and behavior raise concerns about data exposure and potential malicious activity. Users should carefully review the extension's permissions and behavior before installing or updating it.