Submit a Browser Extension
Submit a browser extension for RepoRisk to analyze for security vulnerabilities and code quality issues.
Submission Methods
You can submit a browser extension in two ways:
- By URL — Submit a link to a webstore (Chrome, Edge, or Firefox)
- By Upload — Upload an extension file manually
Submit by Webstore URL
Supported Webstores
RepoRisk can analyze extensions from:
- Chrome Web Store — https://chromewebstore.google.com/
- Microsoft Edge Add-ons — https://microsoftedge.microsoft.com/addons/
- Firefox Add-ons — https://addons.mozilla.org/
Submitting a Webstore Extension
- Log in to your RepoRisk account at https://app.canirunthat.com
- Click the Submit Repository button in the top navigation bar
- Select the "Submit by URL" tab
- Enter the webstore URL of the extension
- Example:
https://chromewebstore.google.com/detail/extension-name/ABC123DEF456 - Example:
https://addons.mozilla.org/en-US/firefox/addon/extension-name/
- Example:
- Optionally configure scheduled rescans (see Scan Scheduling)
- Note: Scheduled rescans are available for webstore URL submissions only
- Click "Start Analysis"
Submit by File Upload
You can manually upload a browser extension file for analysis. The extension must contain a manifest.json file.
Submitting an Extension File
- Log in to your RepoRisk account at https://app.canirunthat.com
- Click the Submit Repository button in the top navigation bar
- Select the "Upload Extension File" tab
- Click the "Choose File" button or drag and drop your extension file
- Click "Start Analysis"
Note: Scheduled rescans are not available for manually uploaded extensions. To enable scheduled rescans, submit a webstore URL instead.
What Happens After Submission
After submission, you'll be taken to a status page showing the analysis progress.
Important: The status page may appear to freeze or hang briefly while waiting for batch AI queries to complete. This is normal and expected — the system is processing your extension in the background.
The extension code, manifest, dependencies, and permissions are analyzed for security vulnerabilities and code quality issues.
Processing Time:
- The system uses batch processing with Anthropic for cost efficiency
- Processing can technically take up to 24 hours
- In most cases, analysis completes within a few minutes
Once complete, you'll be able to access the full report.
Alternative: Submit a Git Repository
If you prefer to analyze your extension's source code directly from a Git repository, see Submit a Repository.
Next Steps
- Monitor Progress: Watch your extension analysis on the Repository Status page
- View Reports: Once analysis is complete, review your security findings in the Security Reports
- Schedule Scans (URL submissions only): Set up automated scans in Scan Scheduling
Troubleshooting
Common Issues
"manifest.json not found"
- Ensure your extension file includes a valid
manifest.jsonfile
"Upload failed"
- Check your internet connection and try again
- Verify the extension file is valid
"Analysis fails after upload"
- Verify the extension has a valid
manifest.json
For additional help, contact support at support@canirunthat.com.