Permissions
The Kadoa Chrome extension requests the following permissions:| Permission | Purpose |
|---|---|
| activeTab | Record interactions (clicks, key presses) and select elements within the active tab |
| storage | Store your API key locally to persist between sessions |
| scripting | Render the extension UI when clicking the toolbar button |
| cookies | Read the team ID cookie (scoped to kadoa.com) to determine active workspace |
| browsingData | Clear tab cache for accurate click event detection |
| sidePanel | Display the extension UI in Chrome’s Side Panel |
| tabs | Listen to tab events (e.g., close side panel on tab switch) |
| webNavigation | Detect page reloads while the extension is active |
Host Permissions
The extension has host permissions for*://*.kadoa.com/* which allows it to:
- Read cookies set by the Kadoa web app
- Communicate with Kadoa servers for authentication
Data Sent to Kadoa
The extension sends the following information to our servers:| Data | Purpose |
|---|---|
| User API key | Authentication |
| Active tab URL | Processing extraction requests |
| Active tab content | Extracting selected data |
Data Storage
- API Key: Stored in Chrome’s local storage (encrypted by Chrome)
- Session Data: Temporary, cleared when extension closes
- No browsing history: The extension does not track or store browsing history
Source Code
The source code is not currently open source but is available for inspection upon request. Contact security@kadoa.com for access.Browser Compatibility
The Kadoa extension supports the following browsers:- Google Chrome (latest versions)
- Chromium-based browsers, such as Brave, Vivaldi, and Edge