After reading about Emails a browser extension developer gets from scammers (and the comments here) I now understand that there are people who try to convince good addon developers to introduce shady (or outright malicious) code into their extensions.
This means the users of addons have to be extremely careful to make sure they trust what they’re installing. However, people still install addons all the time without thinking..
What checks can a layperson carry out to improve the odds that the addon is not exploiting them? For example, are there any lists or databases that review chrome extensions’ source code, so a layperson can look up the addon’s reivews (e.g. similar to review sites like rotten tomatoes or goodreads)? And are there any other simple and effective ways to be able to trust a chrome extension?