repo·evals
· 2026-05-04 ·main@HEAD (manifest 1.0.0)

tab-out

zarazhangrui/tab-out

🛠 65 / 100

🛑 0–29 · ⚠️ 30–49 · 🛠 50–79 · 🏭 80–100
  • 5 claims passed, no critical failures
  • MIT / Apache / etc., installable per deployment.install_methods
  • release_pipeline=0, recently_active=True
  • EN-only or ZH-only README
  • static-only eval; live e2e pending


User hits Cmd+T (new tab event)
→ chrome.tabs.query → all open tabs
→ Group by domain + dedup
→ Render dashboard (favicons via Google)
→ User actions: close / save / jump

Chrome 'Load unpacked' from extension/ · Chrome / Edge / Brave · easy
  • 📡 Google favicon service (s2/favicons): render favicons next to each tab. Privacy concern: every open-tab domain leaks to Google. Graceful fallback exists if blocked.

5 / 6
  • passed claim-001
  • passed claim-002
  • passed claim-003
  • passed claim-004
  • passed claim-005
  • untested claim-006

input_contract
output_contract
determinism
idempotence
no_skill_callouts
failure_mode_clarity

  • evidence_completeness='partial' (not portable) → capped at 'usable'

  • only 3/4 critical claims covered

archetype: adapter · core_layer_tested? True · evidence: partial · recommended: usable · final: usable
ceiling 1 · evidence_completeness='partial' (not portable) → capped at 'usable'

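claim-001 · Is a valid Chrome Manifest V3 extension and the newtab override is actually wired up · critical · extension-shape · ● passed
claim-002 · Permission scope is minimized, no host_permissions · critical · privacy · ● passed
claim-003 · "No external API calls, data never leaves the machine" · critical · privacy · ◐ partial
claim-004 · Persistent data goes through chrome.storage.local · high · storage · ● passed
claim-005 · Sound effects are synthesized, no dependency on audio files · high · bundle-size · ● passed
claim-006 · End-to-end: after install, opening a new tab actually shows the grouped dashboard · critical · end-to-end · ○ untested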


run-static-checks

2026-05-04

# tab-out — final verdict (2026-05-04)

## Repo

- **Name:** zarazhangrui/tab-out
- **Branch evaluated:** main@HEAD (manifest 1.0.0)
- **Archetype:** adapter (Chrome tabs API)
- **Layer:** **atom** — single-purpose, no internal multi-skill composition
- **Eval framework:** repo-evals layer model v1 (fe256e5)

## Bucket

**`usable`** — small, focused, MV3-conformant. One real
privacy-claim contradiction (favicons leak the user's open-tab domain
list to Google) prevents `reusable` until either the README is
softened or the favicon source is changed.

## What was evaluated

### Atom level (static, this run)

| Claim | Status | Notes |
|---|---|---|
| 001 MV3 + newtab override | passed | Manifest is real and tight; override target exists |
| 002 minimal permission scope | passed | Only `tabs / activeTab / storage`, no host_permissions |
| 003 no external API calls | passed_with_concerns | No fetch/XHR — but every tab's domain is sent to `https://www.google.com/s2/favicons` (3 sites in app.js); contradicts README's "100% local" claim |
| 004 chrome.storage.local only | passed | 13 storage references in app.js; no localStorage / IndexedDB competing path |
| 005 synthesized sound | passed | AudioContext used; no audio files in bundle |

### Atom level (deferred — live)

| Claim | Status | Required |
|---|---|---|
| 006 e2e in Chrome | untested | Load unpacked, open new tab, verify dashboard renders + sound + confetti + offline favicon fallback |

## Real findings

1. **Privacy headline is overstated.** README says "no external API
   calls" and "100% local your data never leaves your machine".
   Strictly true for **saved-tab data** (chrome.storage.local) but
   false for **favicon rendering** — Google's favicon endpoint is
   contacted with the domain of every open tab, every render. This is
   a documentation issue, not malice. Either:
   - Drop those headlines and replace with "user data stays local;
     favicons are fetched from Google's public favicon service", or
   - Replace the favicon source with a generated colour chip / hashed
     drawable so the headline becomes accurate.

2. **Graceful degradation already exists.** Each `<img>` has
   `onerror="this.style.display='none'"`, so an offline / Google-blocked
   user gets a working extension minus icons. The infrastructure to
   make the favicon source pluggable is essentially in place.

3. **Permission scope is honest and minimal.** No `<all_urls>`, no
   host_permissions, only the 3 documented permissions. This part of
   the security story holds without caveats.
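
One way to implement the "generated colour chip" option from finding 1, as an added example (not code from tab-out); the names `fnv1a32`, `hostnameOf` and `localFaviconChip` are hypothetical. It derives a stable colour and letter from the tab's hostname and returns a `data:` URI, so rendering an icon makes no network request.

```javascript
// Added example, not tab-out's code: build a per-domain icon locally so no
// open-tab hostname is sent to https://www.google.com/s2/favicons.

// FNV-1a 32-bit hash: deterministic, so a domain always maps to one colour.
function fnv1a32(str) {
  let h = 0x811c9dc5;
  for (let i = 0; i < str.length; i++) {
    h ^= str.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return h >>> 0;
}

// Normalise a tab URL or bare hostname to a lowercase host without "www.".
// Unparseable input (empty string, about:blank) yields "".
function hostnameOf(input) {
  let host = String(input).trim().toLowerCase();
  try {
    host = new URL(host.includes('://') ? host : 'https://' + host).hostname;
  } catch (_) {
    host = '';
  }
  return host.replace(/^www\./, '');
}

// Return a data: URI for an SVG chip: hashed hue plus the first letter/digit.
function localFaviconChip(input, size = 16) {
  const host = hostnameOf(input);
  const hue = fnv1a32(host) % 360;
  // Only a single [a-z0-9] character ever reaches the SVG text node, so
  // nothing from the tab URL can inject markup into the generated image.
  const match = host.match(/[a-z0-9]/);
  const letter = match ? match[0].toUpperCase() : '?';
  const px = Number(size) > 0 ? Number(size) : 16;
  const svg =
    `<svg xmlns="http://www.w3.org/2000/svg" width="${px}" height="${px}" viewBox="0 0 16 16">` +
    `<rect width="16" height="16" rx="3" fill="hsl(${hue},55%,45%)"/>` +
    `<text x="8" y="12" font-size="10" font-family="sans-serif" ` +
    `text-anchor="middle" fill="#fff">${letter}</text></svg>`;
  return 'data:image/svg+xml;charset=utf-8,' + encodeURIComponent(svg);
}
```

The returned string can be assigned to the `<img>` `src` wherever the s2/favicons URL is currently built; the existing `onerror` fallback can stay as it is.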

## Why not higher

- Single-evaluator, no live-install evidence on this machine.
- claim-003's contradiction is small but real — promoting past
  `usable` would imply the privacy claim has been audited and is
  trustworthy, which it isn't yet.

## Path to `reusable`

1. Either fix the favicon source or update the README to disclose it.
2. Run a live-install verification (claim-006) and log it.
3. Promote claim-006 to `passed`, claim-003 to either `passed`
   (if README updated) or stay `passed_with_concerns` (favicon
   continues, just disclosed).
4. Re-run verdict_calculator.

## Recommended

```yaml
current_bucket: usable
status: evaluated
```