ExtensionShield

Smooth scroll on route change causes jarring navigation UX

#204 · Apr 6, 2026

Medium

[UI Bug] Navigation bar not visible on very small screen widths

#203 · Apr 6, 2026

Medium

bug good first issue frontend

Your project on Capybara Market?

#196 · Apr 5, 2026

Easy

HIGH - Incomplete Permission Context (Domain Sensitivity)

#194 · Apr 5, 2026

Easy

CRITICAL - DNS Rebinding (TOCTOU Race Condition)

#187 · Apr 4, 2026

Medium

good first issue

CRITICAL - Icon Extraction ValueError (Manifest Keys)

#186 · Apr 4, 2026

Easy

Height of sign in button in responsive

#184 · Apr 4, 2026

Easy

fix: broken SCSS nesting in DemoModal mobile styles causing layout issues

#180 · Apr 4, 2026

Easy

Add Version-Based Risk Change Detection Across Extension Updates

#179 · Apr 4, 2026

Easy

Add Domain-Specific Permission Context to Risk Analysis

#178 · Apr 4, 2026

Medium

Improve Risk Scoring Transparency with Weighted Permission Breakdown

#177 · Apr 4, 2026

Easy

TOCTOU Race Condition in SSRF Protection (DNS Rebinding)

#176 · Apr 4, 2026

Medium

Inconsistent User-Agent Strings in Extension Downloader

#175 · Apr 4, 2026

Medium

Fix droplet color inconsistency, improve animation logic, and add accessibility support

#172 · Apr 4, 2026

Medium

Scan issue and unclear risk explanation

#169 · Apr 4, 2026

Easy

Scraper Fragility

#167 · Apr 4, 2026

Easy

Database Refactor

#166 · Apr 4, 2026

Medium

Use of print() instead of structured logging in production code

#165 · Apr 4, 2026

Medium

Unbounded thread creation during scans may cause performance issues

#164 · Apr 4, 2026

Medium

LLM failures silently return empty results without user feedback

#163 · Apr 4, 2026

Easy

Improve handling of "Unknown" extensions and URL fetching

#161 · Apr 4, 2026

Medium

In-memory scan state grows indefinitely (potential memory leak)

#160 · Apr 4, 2026

Medium

api/main.py is too large (God File) and violates separation of concerns

#159 · Apr 4, 2026

Medium

Backend crashes on malformed JWT token due to missing validation

#158 · Apr 4, 2026

Medium

ecurity Vulnerability: Incomplete Zip-Slip Protection Allows Extraction to Adjacent Directories via Path Traversal

#156 · Apr 4, 2026

Easy

Backend setup fails due to missing dependencies and incomplete setup instructions

#151 · Apr 4, 2026

Easy

Security: docker-compose.yml exposes API on 0.0.0.0:8007 with no CORS or network isolation

#150 · Apr 4, 2026

Easy

Bug: CONTRIBUTING.md has broken GitHub issue links — points to /blob/issues instead of /issues

#149 · Apr 4, 2026

Medium

Bug: rich dependency pinned to '>=13.5.2,<13.6' — blocks security updates to rich library

#148 · Apr 4, 2026

Easy

Privacy: sentry-sdk included in production — may leak user data and extension URLs to Sentry

#147 · Apr 4, 2026

Medium

Security: No documented file size limit on CRX/ZIP upload — DoS via large file upload

#146 · Apr 4, 2026

Easy

Security: python-jose has known CVEs — should be replaced with PyJWT or python-jwt

#145 · Apr 4, 2026

Easy

Security: Docker container runs as root — no non-root USER defined in Dockerfile

#144 · Apr 4, 2026

Medium

Security: VITE_AUTH_ENABLED defaults to 'true' in Dockerfile but 'false' in docs — auth bypass risk

#143 · Apr 4, 2026

Medium

Hero section graphic cut off on mobile

#142 · Apr 4, 2026

Easy

bug good first issue frontend

Security: LLM-generated summaries should be sanitized before rendering in popup

#141 · Apr 4, 2026

Medium

Docs: SECURITY.md missing secrets severity guide and rotation instructions

#140 · Apr 4, 2026

Medium

Security: No documented rate limiting on scan API — paid AI keys at risk of abuse

#139 · Apr 4, 2026

Medium

UX/Privacy: Extension does not show which backend it is connected to (OSS vs cloud)

#138 · Apr 4, 2026

Medium

Privacy: No privacy policy linked — required by Chrome Web Store policy

#136 · Apr 4, 2026

Easy

Security: management permission should be optional, not required at install time

#135 · Apr 4, 2026

Medium

Security Vulnerability: Insecure JWT and LocalStorage Management

#134 · Apr 4, 2026

Medium

Beginner-Friendly Issues 42