There was a recent paper published at ACM CCS 2020 that attempts to identify malicious changes to extension updates. Might be worth a read.

You’ve Changed: Detecting Malicious Browser Extensions through their Update Deltas

https://dl.acm.org/doi/10.1145/3372297.3423343