Again, mapx is providing wrong and misleading information about extensions. You cannot depend on "some extension will do something evil the users community will reveal such a thing". So always there is a time lag and dependent on someone else getting infected and privacy stolen to report a problem first? So let others have their privacy breached first and then report some evil happening? That makes no sense whatsoever.
See this thread where mapx gave the WRONG answer the first time:viewtopic.php?t=3682
The general answer, to keep your privacy secure, you canNOT install any extensions at all; you have no idea what an extension is doing unless you read through all the extension source code and verify it yourself. The whole point of the message (the extensions can access your data ...) is because there IS VERY serious danger.
Bottom line - extensions are ALWAYS a potential threat to anyone's privacy.