The title is inflammatory. By allowing random JS or by selling the extension, developers do spy on you. It’s like inviting a tiger into your office and then suggesting that the ensuing damage isn’t your fault.
Browser extensions won’t spy on you, if you use trusted extensions by trusted members of the community.
Yeah I came away feeling like this was clickbait. Based on the title I expected to read something about the app stores quietly injecting telemetry in your extension or something like that. Something outside of the developer's control or being done quietly by default as part of the standard packaging and delivery pipeline.
What the author described was very much not that. What they described was developers making a conscious decision to add untrusted code to their extension without properly verifying it or following security best practices.
A more accurate title would be something like "It's hard to trust browser extensions, developers are bombarded with offers of easy money and may negligently add malware/adware"
Browser extensions won’t spy on you, if you use trusted extensions by trusted members of the community.