I’m not claiming that it was “intuitive”, just that the browser did tell the user exactly what the add-on was allowed to do. Sure, Chrome and Firefox deserve some blame for not making the warning more explicit/dire, but they did make an attempt. Overwriting cookies and rewriting affiliate links are subsets of “access your data”.

Also, I’m not claiming that I knew exactly what Honey was doing, just that I suspected it was shady and recommended no one use it.