Clarify review process for Extension developpers

[iplanwebsites]

Description

Related discussion for context: #3231

The warning message when a user install many extension reads:

"Brave has not reviewed this extension for security and safety. Only install this extension if you trust the developer. It can:...

Warning is shown even if all extension are vetted by Google.

How can developers get their extension whitelisted in Brave so this confusing warning doesn't show?
Some major extensions are whitelisted, but it's not the case for most. Is this a static list of a few whitelisted IDs? Is there an actual review process?

Many users might be confused by this messaging and it'd be important to provide ways for developers to act upon it.

Steps to Reproduce

1. Install any non-major extension in the webstore

[bsclifton]

cc: @diracdeltas @fmarier

I think we've talked about toning down the text. I know trying to review + have an allow list might be too much overhead at the moment

[fmarier]

I think the message is accurate in that installing extensions is generally risky since they are not reviewed by Google (or Brave) and it comes down to trusting:

• the developer,
• the developer's handling of their credentials, and
• the developer's aversion to selling their extension to a malware/greyware company.

At the same time, the market seems to consider these risks as acceptable, and perhaps our UI is causing "warning fatigue" and isn't actually helpful.

What might be better would be to encourage the pruning of non-essential extensions. Maybe the browser could track extensions which haven't been used for a while and prompt the user to see whether they still need them. Or we could prompt the user 3 months after installing an extension, then 6 months later, then 12 months, 24, etc.

[bsclifton]

Interesting idea RE: pruning @fmarier 😄
cc: @rebron