Free Chrome and Edge Extension

General
1

Would be so happy if anyone wants to add to this project or come up with some ideas how they would expand it.

Free Chrome and Edge Extension

Features Image Generation
Code Explain
Quiz Mode
AI is page aware and you can chat about anything on it.
Gemini 2.5 Pro Model
Host Backend in Docker Desktop
more features inside…

this is not a production ready app yet but I will be adding many more features over the coming weeks, including an MCP server and LLM.TXT SB access and more.

Security Measures

  • Local API server to protect credentials from client-side exposure
  • Environment variables for sensitive API keys
  • Input validation for search queries
  • Error handling for failed API requests
  • HTML content sanitization to prevent XSS attacks
  • Content Security Policy implementation

Potential Security Considerations

  • API Key Management

  • :white_check_mark: Keys are stored server-side, not in the extension

  • :warning: Consider using a more secure method than .env files for production

  • Content Security

  • :white_check_mark: HTML content is properly sanitized

  • :white_check_mark: Content Security Policy headers implemented

  • Data Privacy

  • :warning: Page content is sent to external APIs

  • :white_check_mark: Add a privacy policy explaining data handling

  • Cross-Origin Requests

  • :white_check_mark: CORS is properly configured for local development

  • :warning: For production, ensure proper CORS policies are in place

  • Extension Permissions

  • :white_check_mark: Uses only necessary permissions

Best Practices for Production

  • Add rate limiting to prevent API abuse
  • Implement error logging that doesn’t expose sensitive information
  • Regularly update dependencies to patch security vulnerabilities
  • Add automated security scanning to your development pipeline
1 Like