Funny enough the article mentions this extension was manially reviewed: > A "Featured" badge from Google, meaning it had passed manual review and met what Google describes as "a high standard of user experience and design."

I at some point vetted the extensions for myself.

What I saw in Mozilla extensions store was anything from using minified code (what is this? it might have been useful in the late 90's on the web, but it surely is not necessary as part of an extension, that doesn't download its code from anywhere), to just full on data stealing code (reported, and mozilla removed it after 2 weeks or so).

I don't trust the review process one bit if they allow minified code in the store. For the same reason, "manual" review doesn't fill me with any extra warm confidence feeling. I can look at minified code manually myself, but it's just gibberish, and suspicious code is much harder to discern.

Also, I just stopped using third party extensions, except for 2 (violentmonkey, ublock), so I no longer do reviews. I had a script that would extract the XPI into a git repository before update, do a commit and show me a diff.

Friendly extension store for security conscious users would make it easy to review source code of the extension before hitting install or update. This is like the most security sensitive code that exists in the browser.