Is ExpressKeys: Password Manager safe?

Legitimate password manager from ExpressVPN with appropriate security architecture. Uses native desktop app integration (com.expressvpn.helper), WebAssembly-based cryptography (10.8MB pmcore_bg.wasm), and standard autofill mechanisms. All network communications verified to legitimate ExpressVPN/Kape infrastructure (expressapisv2.net, api.jwks.kape.com). Static analyzer's 21 exfiltration flows are false positives from vault synchronization and native app communication. Privacy permission disables Chrome password manager (standard practice). Includes telemetry to RudderStack/LaunchDarkly. CSP wasm-unsafe-eval required for WASM crypto operations. No credential theft, hardcoded secrets, or malicious behavior detected. Comparable to 1Password/Bitwarden architecture.