> There is no alternative way to define a strict security boundary that allows these specific permissions while preventing abuses.

Maybe you're right, and there isn't. Does it not follow that we should probably require extensive review and open-source reproducible builds before allowing any such extension on the browser extension stores?