The extension must be open source and you can get the source code on GitHub or somewhere else.The extension must be 'recommended' by Mozilla, which means it has been audited for security and privacy by Mozilla engineers.The following guidelines can keep you away from bad extensions: Mozilla has banned nearly 200 malicious Firefox add-ons over the last two weeks.Web Security Firefox Add-on is Secretly Collecting User’s Browser History.'Web Of Trust' Browser Add-On Caught Selling Users' Data - Uninstall It Now.You should not install extensions or themes without knowing who the author is and whether the code has been hijacked. Even some 'featured' extensions are proven to be malware. Mozilla is NOT responsible for security auditing of extensions at which gives malware chances.