A new analysis of AI-branded Chrome extensions has uncovered a sweeping data-collection problem hiding in plain sight. According to privacy firm Incogni, more than half of the AI extensions it examined collect user data, and nearly a third capture personally identifiable information. The most aggressive culprits aren’t the novelty tools you might expect — they’re the coding helpers, meeting transcribers, and writing assistants many professionals rely on every day.
What the Incogni Chrome AI Extension Audit Uncovered
Incogni’s team reviewed 442 AI-labeled extensions from the Chrome Web Store, evaluating which permissions they request, what developers disclose in their privacy practices, and how risky each tool could be if a developer or third party acted against users’ interests. The firm paired this with popularity data from ChromeStats to estimate impact at scale.
The topline findings are stark. Over 50% collect user data, and close to one-third gather website content and PII such as names or contact details. A particularly troubling pattern: 42% request scripting capabilities that let an extension read what you type or modify what you see. Incogni estimates that this one permission could affect roughly 92 million users.
“User activity” was the most commonly shared data type, the report notes — a broad category that can include browsing behavior, page interactions, and content of web forms, depending on how an extension is coded and configured.
The Surprising Worst Offenders Among AI Extensions
Incogni flagged several popular AI add-ons as high risk when combining likelihood of misuse with potential impact. Grammarly and QuillBot landed near the top due to their reach and the breadth of content they can access while operating as writing assistants. Nily AI Sidebar and EaseMate were also cited with both high risk-likelihood and high risk-impact scores.
Even household names appeared in the upper tier of Incogni’s risk rankings, with Google Translate cracking the top five and ChatGPT Search rounding out the top ten. Inclusion on the list does not imply confirmed abuse; it reflects a sober look at the permissions requested, the sensitivity of data handled, and how damaging any compromise could be.
Why Coding and Transcription Tools Top the List
Extensions for programming and math frequently request the ability to read and change data on every site, access the clipboard, or interact with developer portals — because they need to parse code and inject suggestions on the fly. That same power can expose proprietary source code, API keys, and internal documentation if data leaves the device.
Meeting assistants and transcription tools often ask for microphone access, page capture, and persistent background privileges, opening channels to sensitive audio and notes. Writing assistants work by scanning drafts, email, and documents — a surface area that routinely includes PII and confidential content. By contrast, audiovisual generators and summarizers were deemed least invasive on average, typically requiring fewer privileges and touching less sensitive inputs.
The Real-World Risks Behind Chrome Extension Permissions
Chrome extensions update silently and can change hands, a pattern that has repeatedly enabled supply-chain attacks in the past. Security researchers and groups like the Electronic Frontier Foundation have long warned that broad host permissions (“read and change all your data on all websites”) create a single point of failure: one compromised developer account or a monetization pivot can turn a useful tool into a surveillance vector.
Incogni’s report underscores a pragmatic test for users: if personal data leaves your device, assume the risk is significant. That aligns with guidance from browser security teams who prioritize local processing, minimal scopes, and human-readable privacy disclosures as baseline signs of a safer extension.
How to Reduce Your Exposure to Risky AI Extensions Now
Audit your extensions. Remove anything you don’t use weekly. For what remains, open each item’s details and dial back site access to “On click” or specific domains whenever possible. Be wary of permissions like scripting, webRequest, unlimitedStorage, clipboard access, and broad host patterns (e.g., “https://*/*”).
Favor tools that process data locally and state clearly that content is not transmitted to external servers. Review developer reputation and changelogs; watch for ownership changes or new data-sharing language. When Chrome prompts you about new permissions after an update, read the dialog and decline if the request seems unrelated to the extension’s purpose.
Segment your risk. Keep work and personal browsing in separate Chrome profiles. Disable sync for sensitive profiles so extension choices on one device don’t propagate everywhere. Where practical, replace extensions with built-in browser features or desktop apps that don’t require all-site access.
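The audit step above can be scripted. The following is an added example, not code from Incogni or the article: it reads extension manifests and flags the permissions and broad host patterns named above. The finding labels and the sample manifest are constructed for illustration, and "clipboard access" is assumed to mean Chrome's clipboardRead and clipboardWrite permissions.

```python
import json
from pathlib import Path

# Permission names the article says to be wary of (assumption: "clipboard
# access" maps to Chrome's clipboardRead / clipboardWrite permissions).
RISKY_PERMISSIONS = {"scripting", "webRequest", "unlimitedStorage",
                     "clipboardRead", "clipboardWrite"}
# Match patterns that grant access to every site.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "https://*/*", "http://*/*"}


def audit_manifest(manifest):
    """Return sorted findings for one parsed manifest.json (MV2 or MV3)."""
    declared = set()
    for key in ("permissions", "optional_permissions",
                "host_permissions", "optional_host_permissions"):
        declared.update(p for p in manifest.get(key, []) if isinstance(p, str))
    findings = {f"permission:{p}" for p in declared & RISKY_PERMISSIONS}
    findings |= {f"broad-host:{h}" for h in declared & BROAD_HOSTS}
    # Content scripts get page access through their own match patterns.
    for script in manifest.get("content_scripts", []):
        for pattern in script.get("matches", []):
            if pattern in BROAD_HOSTS:
                findings.add(f"content-script-on:{pattern}")
    return sorted(findings)


def audit_profile(extensions_dir):
    """Audit every <id>/<version>/manifest.json under a profile's Extensions dir."""
    report = {}
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        findings = audit_manifest(manifest)
        if findings:
            report[f"{path.parts[-3]} ({manifest.get('name', '?')})"] = findings
    return report


# Constructed sample manifest, not taken from any real extension.
SAMPLE = {
    "manifest_version": 3, "name": "Example AI Helper",
    "permissions": ["scripting", "storage", "clipboardRead"],
    "host_permissions": ["https://*/*"],
    "content_scripts": [{"matches": ["<all_urls>"], "js": ["cs.js"]}],
}

if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE):
        print(finding)
```

To audit a real profile, pass its Extensions directory to `audit_profile`; on Linux this is typically `~/.config/google-chrome/Default/Extensions`. A finding is a prompt to review or restrict site access, not evidence of abuse.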
Bottom Line on Installing AI-Powered Chrome Extensions
AI has supercharged the usefulness of browser add-ons — and the stakes of installing them. Incogni’s findings make the tradeoff plain: the most helpful categories are often the most invasive. Treat permissions as you would a contract. If an extension demands access beyond its job description or sends your data off-device, the safer choice is to walk away.