pebnop
5 hours ago
A command-line tool that analyzes Firefox extension files (.xpi) for signs of malware, obfuscation, hidden payloads, steganography, and other techniques used to sneak malicious code past extension review teams.

extension-scanner.py tears open a Firefox extension and performs a battery of security checks across every file inside it. It then produces a color-coded report with findings ranked by severity.
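To make the "open the archive, check every file, rank by severity" flow concrete, here is an added sketch; it is not code from extension-scanner.py or from the post's author. The rule set, severity labels, function names (`scan_xpi`, `build_sample_xpi`) and the in-memory sample archive are all assumptions made for illustration.

```python
import io
import re
import zipfile

# Hypothetical rules for illustration; not the rule set extension-scanner.py uses.
RANK = {"high": 0, "medium": 1, "low": 2}
JS_RULES = [
    ("high", "dynamic code execution (eval / new Function)",
     re.compile(rb"\beval\s*\(|\bnew\s+Function\s*\(")),
    ("medium", "long base64-like literal",
     re.compile(rb"[A-Za-z0-9+/]{200,}={0,2}")),
]
PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
PNG_IEND = b"\x00\x00\x00\x00IEND\xaeB\x60\x82"  # final chunk of every PNG

def scan_xpi(xpi_bytes):
    """Return (severity, file, message) findings, most severe first."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(xpi_bytes)) as xpi:  # an .xpi is a ZIP archive
        for name in xpi.namelist():
            data = xpi.read(name)
            if name.lower().endswith(".js"):
                findings += [(sev, name, msg) for sev, msg, rx in JS_RULES if rx.search(data)]
            elif name.lower().endswith(".png"):
                end = data.rfind(PNG_IEND)
                if not data.startswith(PNG_MAGIC):
                    findings.append(("high", name, "content is not a PNG"))
                elif end != -1 and end + len(PNG_IEND) < len(data):
                    findings.append(("high", name, "bytes appended after IEND chunk"))
    return sorted(findings, key=lambda f: RANK[f[0]])

def build_sample_xpi():
    """Constructed sample archive, built in memory; the PNG is a stub, not a real image."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("manifest.json", '{"manifest_version": 2, "name": "sample", "version": "1.0"}')
        z.writestr("content.js", "const blob = '" + "QUJD" * 60 + "';")
        z.writestr("background.js", "eval(decode(blob));")
        z.writestr("icons/icon.png", PNG_MAGIC + PNG_IEND + b"appended bytes")
        z.writestr("icons/logo.png", b"var x = 1;")
    return buf.getvalue()

if __name__ == "__main__":
    for sev, name, msg in scan_xpi(build_sample_xpi()):
        print(f"[{sev.upper():6}] {name}: {msg}")
```

Pattern matches like these are triage signals for a reviewer, not verdicts: legitimate extensions also embed base64 assets, so each hit needs a manual look.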