I think this is a great question (privacy concerns.)
Chrome instills fear into me when it announces that a plugin can gain access to my data (that's an instant put off for me.) I still don't actually get just what data a Chrome plugin has access to.
Plugins+Extensions are terrifying and awesome simultaneously.
When that warning says "all your data on all of your websites" it f'ing means it.
Imagine the extension as a person on a computer in a remote location who is looking through every web page that you visit and taking actions on your behalf.
Different extensions might:
- Look through the content of a page and find things that are likely phone numbers and make them Skype links
- Select sections of a page and push their content to a server (ala Clipboard)
- Check if you're on a banking site, append an iframe of the site to itself and transfer funds out of your account.
It's the web browser equivalent of downloading a program onto your desktop, once it is installed (sandboxing aside) it can do quite a bit.
Chrome instills fear into me when it announces that a plugin can gain access to my data (that's an instant put off for me.) I still don't actually get just what data a Chrome plugin has access to.