Well that's exactly the reason why I haven't used any of those yet. Basically they are all scraping the pages. Click on your wallet, check you private keys and they're caught.
I don't think the extensions were developed with bad intentions in mind, but it's just too risky and bad practice I think.