MIT indicates Extensions have always been a "use at your own risk" affair. We as a team do not have the capacity to vet every single extension (at last count around 2% of projects include extensions and there are over 3000 unique extensions) so, use the extension at your own risk. Actually, the do not vet any of the extensions in the wild for malicious activity. Be aware even Google are aware of the risks as they prohibit apk attachments to gMail.