That's exactly correct.You cannot tell a malicious FF extension "by looking".These days, I would not trust FF extensions - unless they're continuations of preexisting legacy versions of same.And even with that, they still have to be suspect.https://www.dslreports.com/forum/r32385510-Extension-FireFox-52-9-0-ESR-Disables-Flash-Video-Downloader-Extension