Worst case scenario, what can a Chrome extension do with "Your data on all websites" and "Your tabs and browsing activity"?

  1. Send a list of all the websites I visit to the maker?

    Yes

  2. Capture data I input into forms? (like my personal data, passwords, etc.)

    Yes

  3. See how long I have been on a website, and which pages I have visited?

    Yes

  4. Access cookies?

    Updated: see the following comment from Bryan Field for this one.

    Bryan Field: Great answer, except for number 4. Cookies without the httponly flag can be accessed for sure; beyond that I don't know. I would add that it is likely that the extension could manually call, for example, your Gmail page and get all your emails, even if you do not have Gmail open during the time the extension is opened. You need only to be logged in and it can call those pages. So even if the httponly cookies cannot be directly viewed (number 4), it doesn't really matter, because the cookies can still be indirectly and effectively used.

  5. Access other files on my computer? (I guess not, given the Sandbox environment, but I'm still wondering)

    No – like you say the sandbox will prevent that.

  6. Do anything worse?

    Read (and send) data on all the pages you visit.

Some more details on why this is often needed, but not always, are discussed in this question: Why do Chrome extensions need access to 'all my data' and 'browsing activity'?


Google briefly explains the security model for extensions in the following blog post:

http://blog.chromium.org/2009/12/security-in-depth-extension-system.html

Only install extensions from trusted sources.
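
To check which installed extensions hold the two grants discussed above, their `manifest.json` files can be audited before trusting them. The sketch below is an added example, not part of the original answer or of Chrome itself; the list of broad host patterns, the set of activity-related APIs and the risk labels are assumptions of this example, and the sample manifests are constructed.

```javascript
// Audit an extension manifest for the broad grants behind the
// "data on all websites" and "tabs and browsing activity" warnings.
// Assumption: these match patterns are treated as "all sites".
const BROAD_HOSTS = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);
// Assumption: these API permissions are treated as exposing browsing activity.
const ACTIVITY_APIS = new Set(["tabs", "webNavigation", "history"]);

function auditManifest(manifest) {
  const findings = [];
  const perms = manifest.permissions || [];
  // Manifest V2 mixes host patterns into "permissions";
  // Manifest V3 moves them to "host_permissions".
  const hosts = [...perms, ...(manifest.host_permissions || [])];
  // Content scripts carry their own match patterns and run inside matching pages.
  for (const cs of manifest.content_scripts || []) hosts.push(...(cs.matches || []));

  const broad = [...new Set(hosts.filter((h) => BROAD_HOSTS.has(h)))];
  if (broad.length) findings.push({ risk: "all-sites-data", evidence: broad });

  const activity = perms.filter((p) => ACTIVITY_APIS.has(p));
  if (activity.length) findings.push({ risk: "browsing-activity", evidence: activity });

  // The cookies API is scoped by host permissions, so it matters most
  // when it is paired with a broad host grant.
  if (perms.includes("cookies") && broad.length)
    findings.push({ risk: "cookie-access-all-sites", evidence: ["cookies"] });
  return findings;
}

// Constructed sample manifests (not taken from any real extension).
const SAMPLE_BROAD = {
  manifest_version: 2, name: "sample-a",
  permissions: ["tabs", "cookies", "<all_urls>"],
  content_scripts: [{ matches: ["*://*/*"], js: ["content.js"] }],
};
const SAMPLE_NARROW = {
  manifest_version: 3, name: "sample-b",
  permissions: ["storage"],
  host_permissions: ["https://example.com/*"],
};

for (const m of [SAMPLE_BROAD, SAMPLE_NARROW]) {
  console.log(m.name, JSON.stringify(auditManifest(m)));
}
```

An empty result means only that none of the listed patterns or APIs were requested at install time; it does not cover permissions requested later through `optional_permissions`.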