Bilibili AI Skip

Extension Purpose and Intention

The Bilibili AI Skip extension is designed to enhance the viewing experience on the Bilibili video platform by intelligently identifying and skipping advertisements. It utilizes AI and cloud-based APIs to analyze video content and determine ad segments, offering both automatic and manual ad-skipping options.

Code Functionality

The provided code snippet is part of the extension's background script, which listens for messages from other parts of the extension or the web page. It specifically handles requests to fetch data from a specified URL using the fetchDashScope action.

Key Operations

• Message Listener: The code listens for messages with the action fetchDashScope.

  chrome.runtime.onMessage.addListener((message, sender, sendResponse) => {
    if (message.action === "fetchDashScope") {
      // ...
    }
  });
  

• Network Request: Upon receiving a message, it performs a network request to the specified URL using the Fetch API.
  • HTTP Method: Defaults to POST if not specified.
  • Headers: Includes an Authorization header with a Bearer token, indicating secure access to the API.
  • Body: Sends a JSON-encoded body, allowing for flexible data transmission.

  fetch(message.url, {
    method: message.method || "POST",
    headers: {
      "Authorization": `Bearer ${message.apiKey}`,
      "Content-Type": "application/json",
      "X-DashScope-Async": "enable"
    },
    body: JSON.stringify(message.body)
  })
  

• Response Handling: Processes the response by converting it to JSON and sending it back to the sender.
  • Success: If successful, it returns the data received from the API.
  • Error Handling: Catches errors and returns an error message.

  .then(response => response.json())
  .then(data => sendResponse({ success: true, data }))
  .catch(error => sendResponse({ success: false, error: error.message }));
  

Indicators of Malicious Activity

• API Usage: The use of an API key and bearer token suggests secure and authenticated API interactions.
• Network Communication: The extension communicates with external services, which is typical for extensions requiring cloud-based AI processing.
• Error Handling: Proper error handling is implemented, reducing the risk of unexpected behavior.

Conclusion

The code snippet appears to be part of a legitimate functionality for interacting with external APIs to perform ad recognition tasks. There is no strong indication of malicious behavior such as data exfiltration, unauthorized access, or obfuscation techniques. The extension's purpose aligns with enhancing user experience by skipping ads based on AI analysis.