Is RoRegion – Reduce Lag, Ping & Boost FPS: Roblox Region Selector safe?

Findings

Network Interception Permissions

Flags items that request privileges enabling interception, observation, or modification of network traffic. Such capabilities can be used to monitor user activity, redirect requests, or interfere with external content, increasing the risk of surveillance, content manipulation, or traffic redirection.

medium

Code Execution Permissions

Flags items that request permissions allowing them to inject, execute, or modify code at runtime. These capabilities expand the item’s control over the browser environment and significantly increase the potential for evasive behavior, or post-install exploitation.

medium

Individual Publisher

Flags items published by individuals rather than verified companies or organizations, indicating potential risks due to limited accountability and unclear operational standards

low

All findings are available for Enterprise users

Code analysis

AI-powered analysis of the extension's source code for security insights and risk assessment.

This Chrome extension is designed to allow users to select their Roblox region, potentially reducing lag and improving connection quality for Roblox gameplay. The code primarily manages extension state and injects scripts into web pages upon request.

Key behaviors:

On installation, it initializes a setting (regionSelectorEnabled) in Chrome's local storage.

Listens for messages from other extension components. If a message with action: "injectScript" is received, it injects arbitrary JavaScript code (provided in the message) into the main world of the current tab using chrome.scripting.executeScript.

if (message.action === "injectScript") {
  const { codeToInject } = message;
  chrome.scripting.executeScript({
    target: { tabId: sender.tab.id },
    world: "MAIN",
    func: (code) => {
      try {
        const script = document.createElement('script');
        script.textContent = code;
        document.documentElement.appendChild(script);
        script.remove();
      } catch(error){}
    },
    args: [codeToInject],
  })
}

Listens for messages to enable or disable a ruleset (ruleset_2) via the chrome.declarativeNetRequest API, which likely modifies network request headers for Roblox server joining.

API usage:

chrome.storage.local for storing settings.
chrome.scripting.executeScript for code injection.
chrome.declarativeNetRequest for network request modification.

Network activity:

No hardcoded URLs or domains are present in this code. Network modification is limited to enabling/disabling a ruleset, the details of which are not shown here.

Filesystem/process/privilege/registry/clipboard:

No file, process, privilege escalation, registry, or clipboard access is present in this code.

Obfuscation:

The code is not obfuscated.

Potential concerns:

The ability to inject arbitrary scripts into web pages is powerful and could be abused if other extension components or external actors can send messages to this background script. However, this is a common pattern for extensions that modify web page behavior, and no evidence of abuse is present in this code snippet.

Permissions

high

scripting

api

Allows execution of scripts in web page contexts, potentially manipulating site behavior and user interactions.

high

declarativeNetRequest

api

Enables network request filtering using predefined rules without requiring direct access to request content.

medium

storage

api

Enables persistent data storage for the extension, potentially storing large amounts of user-related information.

API Calls

API calls detected through static analysis of the source code. For more accurate insights, explore our sandbox dynamic analysis.

high

Enterprise Only

medium

Enterprise Only

low

Enterprise Only

API CALLS ARE AVAILABLE FOR ENTERPRISE USERS

Secrets

Any encoded/decoded secrets we managed to find in the source code, git repository, or related files

high

Enterprise Only

medium

Enterprise Only

low

Enterprise Only

SECRETS ARE AVAILABLE FOR ENTERPRISE USERS

Vulnerabilities

Known vulnerabilities and security issues detected in the extension's dependencies and code.

high

Enterprise Only

medium

Enterprise Only

low

Enterprise Only

VULNERABILITIES ARE AVAILABLE FOR ENTERPRISE USERS

External communication

Any identifiers we detected that may indicate external communication from the item's code

https://games.roblox.com/v1/games/$

regionSelector.js

https://roregion.com/

regionSelector.js

https://reddit.com/submit?url=

regionSelector.js

All external communications are available for Enterprise users

Dependencies

Dependencies and third-party libraries used by the extension, including version information and license details.

high

Enterprise Only

medium

Enterprise Only

low

Enterprise Only

DEPENDENCIES ARE AVAILABLE FOR ENTERPRISE USERS

Licenses & Compliance

high

Enterprise Only

medium

Enterprise Only

low

Enterprise Only

LICENSES & COMPLIANCE ARE AVAILABLE FOR ENTERPRISE USERS