Is Chrome Apps & Extensions Developer Tool safe?

Clean risk

Official Chrome developer tool with a minor postMessage vulnerability. The extension uses privileged Chrome APIs (developerPrivate, activityLogPrivate) for debugging extensions, and contains a postMessage handler without origin validation that could allow cross-origin message injection.

kelvinjiangv0.1.19Chrome Web Store
0Risk

AI-generated. Findings may contain errors. Those marked Verified have been manually reviewed.

Publishers can request a review.

Updated 21 May 2026ohmmkhmmmpcnpikjeljgnaoabkaalbgc