Thanks for clarifying. It looks like I needed to refresh my memory of the browser APIs.
Reading further, this API only works remotely for CSS via chrome.scripting.insertCSS. For JS, however, the chrome.scripting.executeScript JS needs to be packaged locally with the extension, as you said.
It seems the advanced method is to use chrome.userScripts, which allows for arbitrary script injection, but requires the user be in Dev Mode and have an extra flag enabled for permission. This API enables extensions like TamperMonkey.
Since the Claude extension doesn't seem to require this extra permission flag, I'm curious what method they're using in this case. Browser extensions are de facto visible-source, so it should be possible to figure out with a little review.
That's the javascript included in the plugin crx. This is about code retrieved over API being executed (so that code being run cannot be approved by chrome webstore team)
Its a "tool call" definition in their code named 'execute_javascript', which takes in a "code" parameter and executes it. The code here being provided by the LLM which is not sitting locally. So that code is not present "in the plugin binary" at the time when chrome store team is reviewing it.
I'd very curious to know how they managed to deal with this then. There's always the option of embedding quickjs-vm within the addon (as a wasm module), but that would not allow the executed code to access the document.
https://developer.chrome.com/docs/extensions/reference/api/s...
https://developer.chrome.com/blog/crx-scripting-api