[brosirmandude]

>if you have an approved extension with https://*/* permissions and active users, malware authors will offer to buy your extension for a very high price.

This is interesting, and I didn't realize this was a thing.

Are there any lists of extensions with these permissions, or ways that as an average consumer could easily audit my list of extensions for this?

[Svenskunganka]

I'm using Firefox and all I have to do to view permissions for an extension is to go to about:addons and click an extension, and there will be a "Permissions"-tab that lists what permissions this extension requests. It's similar in Google Chrome IIRC. Other than that, both browsers lists the permissions an extension requests when installing the extension, and further when the extension requests new permissions.