Permission Risk Table¶
Every permission in the curated PERMISSION_TABLE, grouped by risk level.
These are the exact classifications the zovo.one scanner
applies when it audits an installed extension's manifest.
LOW¶
Least-privileged. No persistent broad access; scoped to an explicit user gesture or confined to the extension's own sandbox.
| Permission | Description |
|---|---|
activeTab |
Grants temporary access to the current tab only when the user explicitly clicks the extension's action. No persistent background access to any site. |
contextMenus |
Adds items to the browser's right-click context menu. No page content access by itself. |
storage |
Stores extension data locally (synced/local). Confined to the extension's own sandbox; cannot read site data. |
alarms |
Schedules code to run at a future time. No content access by itself. |
idle |
Detects when the machine is idle or locked. No page content access. |
notifications |
Shows desktop notifications. No page content access. |
power |
Keeps the screen or system awake. No content access. |
tts |
Text-to-speech output. No content access. |
unlimitedStorage |
Removes the extension storage quota. No extra site access. |
declarativeNetRequest |
Blocks or modifies network requests via static rules (the MV3 content-blocker path). Less powerful than webRequest blocking, but can still read request URLs. |
MEDIUM¶
Sensitive. Grants meaningful read/write access (history, downloads, per-site host permissions, the clipboard) but is not a blanket global grant.
| Permission | Description |
|---|---|
bookmarks |
Reads and modifies the user's full bookmark tree. |
history |
Reads and clears the user's full browsing history. |
downloads |
Initiates, monitors, and opens downloads; can open arbitrary files from the download shelf. |
downloads.open |
Opens downloaded files on disk. Combined with a hostile download this can execute local content. |
geolocation |
Reads the user's GPS / IP-derived location (subject to a per-site permission prompt). |
clipboardWrite |
Writes to the system clipboard. Can overwrite a copied password or inject pasted content. |
clipboardRead |
Reads the system clipboard, which frequently contains copied passwords, tokens, or private text. |
identity |
Triggers OAuth sign-in and obtains the user's signed-in account email / profile and an auth token. |
management |
Lists, enables, disables, and uninstalls other installed extensions. |
tabs |
Reads the URL and title of every open tab and receives tab-update events. Effectively full browsing-session visibility. |
tabGroups |
Reads and modifies tab groups, exposing which sites the user clusters together. |
topSites |
Reads the user's most-visited sites (the new-tab shortcuts). |
sessions |
Reads recently closed tabs and windows across devices. |
pageCapture |
Saves the current page as an MHTML archive, capturing rendered content. |
search |
Sets the default search provider and issues queries. |
Scoped host match-patterns (e.g. *://*.example.com/*,
https://*.mybank.com/*) are also classified as Medium — they grant
content access to one domain family rather than the entire web.
HIGH¶
Broad, persistent, cross-origin or sensitive-system access. Treat any extension requesting these as needing careful review.
| Permission | Description |
|---|---|
cookies |
Reads and modifies all cookies for any site the extension has host access to, including session and auth cookies. |
webRequest |
Observes (and in MV2 could block) every network request and response, exposing full URLs, headers, and bodies including credentials. |
debugger |
Attaches the Chrome DevTools Protocol to a tab, giving full DOM, network, and JS execution control — effectively total control of the page. |
nativeMessaging |
Talks to a native application installed on the user's machine. Escapes the browser sandbox entirely. |
fileSystem |
Reads and writes files outside the browser sandbox (where granted by the platform). |
<all_urls> |
Requests host access to every site on the web. Combined with content scripts this means any page's content, forms, and credentials can be read. |
*://*/* |
Match pattern granting host access to every http/https URL. Equivalent in effect to <all_urls> for normal browsing. |
http://*/* |
Host access to every plain-http URL, including login pages and intranet sites. |
https://*/* |
Host access to every secure URL on the web. |
file:///* |
Host access to local files via the file:// scheme, subject to the "allow access to file URLs" toggle. |
proxy |
Configures the browser's proxy settings. A hostile extension can redirect all traffic through an attacker-controlled server. |
privacy |
Reads and changes privacy-related browser settings (do-not-track, third-party cookies, hyperlink auditing). |
system.cpu |
Reads detailed CPU metadata useful for device fingerprinting. |
system.memory |
Reads physical memory capacity, a device-fingerprinting signal. |
system.storage |
Reads attached storage device metadata and can eject devices. |
system.network |
Reads network interface metadata exposing the local network topology. |
system.display |
Reads display metadata (resolution, DPI) usable for fingerprinting. |
vpnProvider |
Configures a VPN (ChromeOS), which can redirect and intercept all network traffic. |
enterprise.networkingAttributes |
Reads detailed network attributes (ChromeOS enterprise), exposing internal network identity. |
webNavigation |
Receives the full navigation events of every frame in every tab, including the URL of every frame and redirect. |
scripting |
Injects arbitrary JavaScript into pages for which the extension has host permission — full page control at runtime (MV3 successor to tabs.executeScript). |
contentSettings |
Reads and modifies per-site content settings (cookies, javascript, plugins, mic, camera) for every origin. |
Combinations matter¶
A single permission's level is only part of the picture. The genuinely dangerous pairings are:
cookies+<all_urls>→ can steal session tokens for every site.webRequest+<all_urls>→ can read every request body, including submitted passwords.scripting+<all_urls>→ can inject arbitrary JS into any page, including bank logins.nativeMessaging+ anything → escapes the browser sandbox.
Use highest_risk to compute the dominant risk
across a manifest, then surface the individual High entries for review.
This is exactly what the zovo.one scanner does.