There are two issues here which make me say no you can't trust them 100%. Now the reason being is that you haven't reviewed the code on one side. It might contain some malicious code which was slipped in by a rogue developer or intentionally. For standard organisations this is normally ver uncommon, but there have been cases such as Apple sending tracking data to their servers.

Now rogue stuff normally ( hopefully) will get found during the Qa process ( I can't imagine google and Mozilla not having a rigorous QA process). But nothing is 100% water tight.

Even when you have the source code, are you up for the job to scrutinise every single line of code? No you can't you probably don't have the time nor the skill.

And then there is another issue... Vulnerabilities, regardless if the project is closed or open source vulnerabilities which could allow attackers to gain access to your data exist. Either in the plugin itself, the engine to run the plugin, the browser or if we pull this even wider the operating system.

Security has always been a trade off with usability. Someone told me once that the most secure server is one in a locked bomb shelter surrounded by mines which is switched off. Meaning that while it's secure it's not usable. This something you need to keep in mind. There might be a risk to your privacy, but does that risk weigh up versus being able to normally use programs.

There are two issues here which make me say no you can't trust them 100%. Now the reason being is that you haven't reviewed the code on one side. It might contain some malicious code which was slipped in by a rogue developer or intentionally by the organization. For standard organisations this is normally very uncommon, but there have been cases such as Apple sending tracking data to their servers.

Now rogue stuff normally (hopefully) will get found during the Quality Assurance (QA) process ( I can't imagine Google and Mozilla not having a rigorous QA process). But nothing is 100% water tight.

Even when you have the source code, are you up for the job to scrutinise every single line of code? No you can't you probably since you don't have the time nor the skill.

And then there is another issue... vulnerabilities, regardless if the project is closed or open source vulnerabilities, which could allow attackers to gain access to your data, exist. Either in the plugin itself, the engine to run the plugin, the browser or if we pull this even wider, the operating system.

Security has always been a trade off with usability. Someone told me once that the most secure server is one in a locked bomb shelter surrounded by mines which is switched off. Meaning that while it's secure it's not usable. This is something you need to keep in mind. There might be a risk to your privacy, but does that risk weigh up versus being able to normally use programs? Not really.