And then an extension to alert you to bad extensions.

Great idea! Someone please do this.

So this would require a list of decided malicious extensions or not and someone can go ahead and check through that.

To find the list of decided malicious extensions, I can imagine that a github repository where people can create issues about the lack of safety (like imagine some github repo where this case could've also been uploaded) and people could discuss and then a .txt/json file could be there in the repo which gets updated every time an extension is confirmed to be malicious.

Thoughts?

Edit: (To take initiative?) I have created a git repo with this https://github.com/SerJaimeLannister/unsafe-extensions-list but I would need some bootstrap list of malicious extensions. So I know nothing about this field and the only extension I can add is this one maybe but maybe someone can fork this idea (who is more knowledgable within the extension community space) or perhaps they can add entries into it.

Edit 2: Looks like qcontinuum actually have a github repo and I hadn't read the article while I had written the comment but its not 1 extension but rather 287 extensions and they have mentioned all in their git repo

https://github.com/qcontinuum1/spying-extensions

So they already have a good bootstrapped amount & I feel as if qcontinuum is interested they can maybe implement the idea?