Extension script access: changing what you see and what pages can do

Script access in one minute

Most extensions use content scripts: small programs the browser injects into pages that match patterns the developer declares (for example “all HTTPS sites” or “only github.com”). Those scripts share the page’s view of the DOM—they can read and change what appears in the document, though they are isolated from the page’s own JavaScript variables in specific ways.

Separately, the scripting API lets the extension’s background logic inject or remove scripts on demand into a tab (often paired with tab or activeTab permissions). The install prompt often bundles this as “read and change all your data on websites you visit”—the broadest everyday wording users see.

Legitimate uses include ad blockers, password managers that fill fields, accessibility helpers, and translators. Malicious uses include skimming what you type, replacing checkout flows, or breaking security screens so you cannot fix a compromise.

What script permissions usually enable

• Read visible page content — text, form values, tables, and often data rendered for you (including some that never leaves your machine as a separate “download”).
• Change the DOM — hide warnings, swap “Pay” buttons, insert fake MFA prompts, or strip entire sections of a dashboard.
• Inject CSS — restyle pages to mislead (e.g. hide legitimate security banners) or fingerprint layout.
• Programmatic injection — chrome.scripting.executeScript (and related calls) to run code in a tab when conditions match.
• Bridge to the extension core — content scripts message the background worker so stolen DOM snippets or events can be combined with cookie or network APIs.

API references: scripting, content scripts.

Risk outcomes (plain language)

• Fake UI that passes your eye test

  Because scripts run in the real page context, overlays can mimic your bank or SSO portal pixel-perfect while exfiltrating credentials.

• Silent tampering with forms and transfers

  Beneficiary fields, amounts, or approval buttons can be swapped at the last second before submit.

• Blocking recovery and auditing

  Documented campaigns wiped or redirected security admin pages so victims could not revoke sessions or read logs while theft continued.

• Anti-analysis tricks

  Some malware-laden extensions ship code that detects developer tools or blocks inspection of password fields—slowing down discovery.

Real-world patterns (documented)

• Remote execution + injection. ShadyPanda-related reporting described fetching new script over time and executing it with extension privileges, including injection into secure pages—see The Register.
• DOM-level sabotage of admin UIs. Socket’s write-up on Workday-targeting extensions detailed erasing page content and redirecting security workflows—see Socket.
• Combine with tab and URL context. Knowing which tab is which makes script triggers precise (“only run when this payroll URL loads”).

What actually helps

• Prefer narrow scope. “On click” / activeTab flows limit when injection runs versus always-on access to every site.
• Match product to permission. A wallpaper extension should not need to read and change data on banking domains.
• Use separate browser profiles for high-risk work (finance, admin consoles) with fewer or allowlisted extensions.
• Enterprise: block arbitrary consumer extensions on workstations that access crown-jewel SaaS; review manifests for broad content_scripts matches.
• If something feels wrong on a site, try the same task in a clean profile with no extensions—if the odd button or missing admin page disappears, suspect an add-on.

See also extension permissions and how to analyze an extension.