Well we're in a thread about the CLI being compromised. I've never heard of a sandboxed browser extension being compromised.