Your suggestion is to not use the platform as intended, and to understand the source code of the extension. That advice is not actionable by non-technical people and does not help mitigate mass surveillance.
Still sidestepping around the inherent need for some level of technical capability and motivation. The average person has no idea what "source code" is, and an LLM is not going to make them meaningfully understand in one conversation. If the LLM just says, "trust me bro you're good", now we have just moved the problem of trust to something even more inscrutable.
Ok, should we just use the provided 'app' and assume things are fine? FAANG or whoever take our privacy and security very seriously, you know!
The only reasonable approach is to view the code that is run on your system, which is possible with a extension script, and not possible with whatever non-technical people are using.
I don't know what point you're trying to make, but I already expect OpenAI to maintain records of my usage of their service. I do not however want other parties to be privy to this data, especially without my knowledge or consent.