How to Audit Your Chrome Extensions for Privacy and Performance

Most people's Chrome extension list is a graveyard of installs.
Extensions they added for one task, never removed, and forgot
about. Each one is running code in your browser, potentially
slowing page loads and having access to data you didn't
consider when you clicked "Add to Chrome."

A regular extension audit is low-effort and meaningfully improves
both your browser's performance and your privacy posture.

Step 1: Take Stock

Open chrome://extensions in your address bar. Look at everything
that's installed — not just what's in your toolbar. Extensions
can be installed but not pinned, and they still run.

• For each extension, ask:
• When did I last use this?
• Do I remember installing it?
• What does it actually do?

Anything you can't answer positively on all three questions is
a candidate for removal.

Step 2: Review Permissions

Click "Details" on each extension and scroll to "Permissions."
The most sensitive permission is "Read and change all your data
on the websites you visit" — this means the extension can see
everything you do and everything any website sends to your browser.

This permission is legitimate for some extensions (ad blockers
need it to work). But a simple utility extension — a color picker,
a tab organizer — should not need this level of access.

• Permissions to scrutinize:
• "Read and change all your data on all websites" — broad access
• "Manage your apps, extensions, and themes" — can install other extensions
• "Read and change your bookmarks" — access to your browsing history
• "Capture content of your screen" — visual access

Step 3: Check for Ownership Changes

Chrome extension ownership changes are not announced to users.
An extension you installed from a trustworthy developer two years
ago may have been acquired by an ad network since then. The new
owner has the same access the original developer did.

Search for recent news on any extension you use heavily. Malicious
extension acquisitions have been reported enough times that
this is a real concern, not paranoia.

Step 4: Performance Impact

Open Chrome's Task Manager (Shift+Esc while in Chrome) to see
resource usage. Extensions appear in the list with their memory
consumption. Extensions using over 50MB of memory are worth
noting; over 100MB is concerning for a utility extension.

Some extensions inject scripts into every page you visit. These
add load time. If Chrome feels sluggish on complex pages, try
disabling extensions temporarily to see if performance improves.

What to Keep

• Keep extensions that:
• You use regularly (at least weekly)
• Have narrow, appropriate permissions
• Come from verified developers with transparent codebases
• Do exactly what they say they do

High-quality examples of narrow-permission, single-purpose
extensions: Wayback Quick Access (opens archive URLs), Etsy
Keyword Extractor (reads Etsy listing data while on Etsy),
Shopify Theme Detector (analyzes Shopify pages while on them).
These work on specific sites for specific purposes.

What to Remove

• Extensions you haven't used in 30+ days
• Extensions with permissions that exceed their stated function
• Extensions from anonymous developers with no verifiable presence
• Anything installed that you don't remember installing

Step 5: Ongoing Hygiene

Run this audit quarterly. When you install a new extension,
set a reminder to revisit it in 30 days — if you haven't used
it, remove it.

Prefer extensions with open-source code on GitHub. Not everyone
can read the code, but the ability for the community to review
it is a meaningful check on behavior.

Conclusion

An extension audit takes 20 minutes and reduces both performance
impact and privacy exposure. The fewer extensions you run, the
smaller your attack surface and the faster your browser. Keep
what earns its place; remove everything else.