Totally hear you on the permissions/access. I'd love to request fewer permissions, but the chrome store doesn't support that kind of permissions granting.
In order for us to be able to execute your scripts that do powerful things (send notifications, save to local storage, download things, etc.), our extension needs to have those permissions itself. Google doesn't have any way for us to say our extension itself only requires permissions x, y, z but give this user script permissions j, k, l.
Your browsing/page data is yours. That data is only accessed when you explicitly request to generate a script (i.e. can't generate a script to modify a page without seeing that page).
Right - I'm sure you're not doing anything malicious. iI just amplifies the monetization concerns, because if you can't make a business out of it, the only lucrative option left (that other extensions have also done) is to sell the extension, often to somebody who is looking to prey upon the installed user base (even if they tell you otherwise.)
In order for us to be able to execute your scripts that do powerful things (send notifications, save to local storage, download things, etc.), our extension needs to have those permissions itself. Google doesn't have any way for us to say our extension itself only requires permissions x, y, z but give this user script permissions j, k, l.
Your browsing/page data is yours. That data is only accessed when you explicitly request to generate a script (i.e. can't generate a script to modify a page without seeing that page).