Addressing security and privacy concerns of browser extensions

The Chrome extensions that can be installed on Brave are a potential serious security and privacy risk. Here is what I would like to see:

  1. A simple guide on safe practices. E.g. there is a difference between an extension being able read and change all your data on websites that you visit anytime, or only after you click on the extension.
  2. Warnings on the data extraction that you agree to by installing an extension or the data exchange that these extensions de facto generate.
  3. Ideally, a Brave supported scoring of these extensions in terms of their security and privacy impact,

A security dashboard page - similar to the Brave Rewards page - would be of great added value.


AFAIK they’re planning to have their own extension store eventually, in which case most of this would likely be implemented anyways. Probably still gonna take a while though.