The review process seems quite intimidating as described by the OP. Things like use of localStorage is almost like a given in any extension these days and they ask justification for every permission you ask.
So they should - extensions are very popular with consumers, and are a notoriously effective means of spreading malware. There’s a few current stories on the topic, which is odd, because the problem has been a problem for nearly ten years now.
Google spend a lot of money developing extremely effective security research capabilities, while completely ignoring the dumpster fire that is their app and extension stores.
> while completely ignoring the dumpster fire that is their app and extension stores.
This is one of the factors that keeps me away from trying Android phones. I don’t trust Google for anything other than search. And even that has become somewhat questionable over the years. I do trust Apple. Even though I own a couple of them, I don’t care for their computers. As far as phones though, I will not consider anything other than iPhone.
This isn't accurate. There are any number of XSS attacks that can be performed, which then allow you to look at secrets or tokens in localStorage, for example.
Google spend a lot of money developing extremely effective security research capabilities, while completely ignoring the dumpster fire that is their app and extension stores.