Sorry about the warning. I can assure you Nostash will not do any of those things. The only thing it does with respect to changing the page is add JavaScript functions onto the webpage window to access. I don’t think I can restrict the requested Safari extension permissions further. In theory, a malicious extension could read the DOM to scrape sensitive information, but that’s not what is happening. Nostash is open source so anybody can inspect it as long as you believe that is the code that I shipped to the App Store, and the app has been reviewed by Apple, so take that as you will.