This sounds suspiciously like a way to help developers write Chrome extensions that steal the user's data. (While perhaps also providing other useful functionality.)
Gmail is known to have been locking down actual front-door server-side API access for 3rd party applications for years. Perhaps this is the natural result. Chrome extensions that add hacks to the Gmail frontend instead.
Same user-data harvesting but with less reliability! Fun times.
If you install any browser extension and give it host permission to a URL (or God forbid, all_urls) it can see and steal anything on that page.
This goes for everything from your pop-up blocker, to your password manager, to that silly user script doing <fun effect>. They all watch you browse in a way that circumvents good security hygiene.
It's extremely common for extensions with successful userbases (>10k installs) to get approached by folks asking to integrate a mining SDK for revenue share, or sell the extension outright so they can monetize it themselves.
Consider yourself lucky if all the extension does is steal cpu cycles. It could just as easily be exfiltrating your email bodies or watching all password input fields.
The browser extension model is broken. Expect it to slowly die. Manifest v3 is just the beginning. Soon Google will wonder why they're paying a team of manual reviewers to study every extension on the Web Store when the marketplace monetizes so poorly and doesn't contribute to the moat around Chrome.
Gmail is known to have been locking down actual front-door server-side API access for 3rd party applications for years. Perhaps this is the natural result. Chrome extensions that add hacks to the Gmail frontend instead.
Same user-data harvesting but with less reliability! Fun times.