I think this is like a proxy - it has to do some filtering in this behavior. While I understand what you are saying, you have 2 choices, use or do not use.
If there is an exploit of the add-ons or extensions here, then it theoretically wouldn't be much different to any other exploit.
Except of course the browser is the door to the world, where-as your localized photo-editing tool doesn't carry so much weight with it.
Good question though, who's vetting the extensions? As there has been a lot of controversy over plug-ins for other software of late, so concern here should be warranted. But as the the end user, there is that 50-50 option - use or don't use. It does really answer your question though I'm afraid.
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke