LayerX vs Am I Being Pwned
LayerX ExtensionPedia vs Am I Being Pwned
LayerX ExtensionPedia scores 200,000+ extensions by permissions and reputation, no install needed. Here's what an isolated run and captured evidence catch that reputation misses.
Does LayerX ExtensionPedia tell you if an extension is safe?
LayerX's ExtensionPedia is a free public database that assigns a unified risk score to 200,000+ extensions, so you can look one up without installing it. The score is built from permission scope, publisher reputation and LayerX's risk parameters, and the company pitches it as a way to assess an extension 'even if it's not yet installed'.
LayerX does do real behavioural monitoring, to be clear - but that's its browser agent watching an already-installed extension in live user sessions and flagging risky behaviour as it happens. Genuinely behavioural, and useful, but reactive: the extension is running on a real person before it's judged, and what you get is monitoring and a score, not the record of a controlled run.
The score's soft spot is reputation. ExtensionPedia scored WhatRuns 4.2 out of 10 - a middling Medium - about what you'd expect for a Featured, Verified, 400k-user extension. It was uploading users' ChatGPT and Claude chats the whole time, and the score never said so. A permission-and-reputation model can't see that; running the extension can. Am I Being Pwned makes the call on behaviour, not the publisher's standing.
What LayerX gives you
- ExtensionPedia: a free public risk score for 200,000+ extensions, which you can look up without installing anything
- A unified score from permission scope, publisher reputation and LayerX's risk parameters
- Real-time behavioural monitoring of installed extensions via the LayerX browser agent in live sessions
- A full enterprise-browser platform around it - in-browser DLP, GenAI and identity governance, shadow-SaaS discovery
- Widely-cited 'best tools' comparison content that ranks across the category
Where it stops
- ExtensionPedia's score is a lookup you get without installing the extension, not the output of a controlled, pre-trust run you trigger
- Its behavioural signal comes from watching an extension already installed on real user machines, not an isolated run before you trust it
- Reputation weighting scores a trusted, high-install publisher well even when its code has turned hostile
- You get a score plus live alerts, not a per-extension evidence report you can hand an auditor
How to confirm an ExtensionPedia result
ExtensionPedia scores an extension without installing it. Here's how to confirm that score before you trust or block the extension.
1. Look it up in ExtensionPedia
   Get LayerX's unified score and the permission and reputation signals behind it - no install needed.
2. Spot the reputation weighting
   The score leans on publisher reputation and install base. That helps for an unknown publisher and misleads for a popular, trusted one that has quietly turned.
3. Run it in isolation
   Paste the extension ID into Am I Being Pwned to execute it in a controlled browser and capture what it does - or scan your whole fleet - so a reputable-looking extension is judged on behaviour, not standing.
4. Confirm, then block
   Keep the ones that behave; block the rest. LayerX can enforce in-browser; you can also push blocks through Chrome policy or your MDM.
5. Re-check each release
   Reputation lags a hostile update by weeks. A fresh run on each new version doesn't.
From our published research
“Permissions describe what an extension is allowed to do. They say nothing about what it does.”
Why Permission Scoring Fails
Why a permission-and-reputation score isn't a verdict.
“We tried - 212 features, gradient boosting, everything we could extract without running the code. It explained 28% of variance on the training set and scored negative R² on validation.”
Why Permission Scoring Fails
You can't fix a metadata score by adding more metadata.
“Any site with the same Country Code eTLD could exfiltrate usernames, passwords, URLs and TOTP codes from any other login on the same eTLD. No user interaction. The manifest was totally fine.”
MultiPassword - CVSS 8.3
A trusted publisher, a clean profile, a flaw reputation couldn't see.
Frequently asked questions
What is LayerX ExtensionPedia?
A free public database that scores 200,000+ browser extensions so you can assess one without installing it. The score is built from permission scope, publisher reputation and LayerX's risk parameters. LayerX also sells a full enterprise-browser platform with real-time monitoring, DLP and AI governance around it.
Does LayerX ExtensionPedia run extensions in a sandbox?
ExtensionPedia gives you a score you can look up without installing the extension - LayerX markets it as a way to assess one 'even if it's not yet installed'. Its live product does monitor installed extensions on real machines, and its scores draw on aggregated session data, so there is genuine behavioural signal in the mix. What you don't get is an isolated run of that specific extension with the captured requests and DOM changes in front of you - which is what Am I Being Pwned shows you.
Is a reputation-based score reliable?
It's good at unknown or low-reputation extensions and weakest exactly where it matters: a Featured, Verified, million-user extension that ships hostile code. Stylish had every trust signal while exfiltrating every URL you visited. Behaviour, not reputation, is what tells those apart.
LayerX ranks itself first in its own comparisons - is that reliable?
LayerX publishes 'best browser extension security' lists with LayerX at the top; that's vendor-authored, not independent. Useful for discovering the field, less so for a verdict. For a specific extension, the honest test is to run it and watch what it does.