It's the reason why they found it, because the code was in the extension. Before manifest v3, extensions could just load external scripts and there's no way you could tell what they were actually doing.
Even if the extension isn’t malicious, it creates a new attack vector that can affect users. If whatever URL the script is remotely loaded from is compromised, now all users of that extension are vulnerable.
That is correct. You cannot inject external scripts. You can fetch from a remote and inject through the content script though, but the content and service worker code is known at review time.
So you can still do everything you could before, but it’s not as hidden anymore.
Most browser extensions don’t need to insert script tags that point to arbitrary URLs on the internet. You can inject scripts that are bundled with the extension (you don’t even need to use an actual script tag). This is one part of manifest v3 that I think was actually a good change - ad blockers don’t do this so I don’t think Google had an ulterior motive for this particular limitation.
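A defender-side check for the pattern discussed in this thread, as an added example that is not part of the original comments: a heuristic Node.js audit of an unpacked extension's manifest and source text for remotely loaded script. The function names, rule ids and sample inputs are constructed for illustration, and the regexes are heuristics, not a complete detector.

```javascript
// Added example (not from the thread): heuristic audit for remotely loaded code.
// Function names, rule ids and sample inputs are hypothetical / constructed.
const REMOTE = /https?:\/\/[^\s"'<>)]+/i;

const SOURCE_RULES = [
  { id: "remote-script-tag", re: /<script[^>]+src\s*=\s*["']?https?:\/\//i },
  { id: "remote-script-src-assignment", re: /\.src\s*=\s*["'`]https?:\/\//i },
  { id: "remote-importScripts", re: /importScripts\s*\(\s*["'`]https?:\/\//i },
  { id: "dynamic-eval", re: /\beval\s*\(|\bnew\s+Function\s*\(/ },
];

function cspStrings(manifest) {
  // MV2 stores the CSP as one string; MV3 as an object (e.g. extension_pages).
  const csp = manifest.content_security_policy;
  if (!csp) return [];
  return typeof csp === "string" ? [csp] : Object.values(csp);
}

function auditExtension(manifest, files) {
  const findings = [];
  if ((manifest.manifest_version || 0) < 3) {
    // Before manifest v3 the platform did not rule out external scripts.
    findings.push({ id: "pre-mv3-manifest", where: "manifest.json" });
  }
  for (const policy of cspStrings(manifest)) {
    for (const directive of policy.split(";")) {
      const [name, ...sources] = directive.trim().split(/\s+/);
      if (name === "script-src" && sources.some((s) => REMOTE.test(s))) {
        findings.push({ id: "csp-remote-script-src", where: "manifest.json" });
      }
    }
  }
  for (const [path, text] of Object.entries(files)) {
    for (const rule of SOURCE_RULES) {
      if (rule.re.test(text)) findings.push({ id: rule.id, where: path });
    }
  }
  return findings;
}

// Constructed samples: a v2 extension pulling script from a CDN, and a v3
// extension injecting a file bundled with the package.
const legacyManifest = {
  manifest_version: 2,
  content_security_policy: "script-src 'self' https://cdn.example.com; object-src 'self'",
};
const legacyFiles = { "background.js": 'var s = document.createElement("script"); s.src = "https://cdn.example.com/lib.js";' };
const mv3Manifest = { manifest_version: 3 };
const mv3Files = { "sw.js": 'chrome.scripting.executeScript({ target: { tabId }, files: ["inject.js"] });' };
console.log(auditExtension(legacyManifest, legacyFiles), auditExtension(mv3Manifest, mv3Files));
```

The `dynamic-eval` rule is there for the fetch-then-inject case mentioned in the thread: the fetching code is in the package and reviewable, so a static pass like this can at least surface it.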