EL ExtensionLedger Audit and neutralize risky AI browser extensions.
Sign in Create account

Business compliance

AI extension evaluation methodology, normative references and an operational decision matrix.

Methodology

  1. Collect real extension inventory by browser and team without uploading sensitive data.
  2. Compute extension risk score using declared permissions and AI-assistant signals.
  3. Classify risk level (low to critical) and produce prioritized governance policies.
  4. Track approved exceptions and rerun audits quarterly or after major changes.

Disclaimers

  • The score is a decision-support signal and does not replace human security review.
  • No automatic legal/regulatory compliance guarantee is provided by this service.
  • Never upload secrets, tokens, customer prompts or personal data in inventories.

Recommended operating model

  • Assign a business owner to every tolerated AI extension.
  • Keep exceptions time-boxed with a next review date.
  • Rerun the audit after any browser catalog change or endpoint security incident.
  • Use the same decision matrix across security, workplace and support teams to avoid contradictory exceptions.
Open the operational playbook

Permissions-to-action matrix

Weights below provide a consistent baseline to decide allow, exception workflow or block.

Permissions-to-action matrix
Permission/signal Weight Level Recommended action
nativeMessaging 26 Critical Immediate freeze, deep security review and CISO approval.
webRequestBlocking 24 Critical Immediate freeze, deep security review and CISO approval.
cookies 22 Critical Immediate freeze, deep security review and CISO approval.
webRequest 20 High Block by default and open an exception request.
<all_urls> 20 High Block by default and open an exception request.
scripting 16 High Block by default and open an exception request.
history 14 Medium Allow with owner approval and monthly review.
clipboardRead 14 Medium Allow with owner approval and monthly review.
identity 12 Medium Allow with owner approval and monthly review.
tabs 10 Medium Allow with owner approval and monthly review.
clipboardWrite 10 Medium Allow with owner approval and monthly review.
downloads 8 Low Allow with quarterly monitoring.

Sources