Having a dedicated browser profile is a good solution to this if you’re ever uncomfortable with a particular extension.

Ah, I follow. I was confused because a small, open-source extension should be sufficient to handle sending test requests. Sounds like they're doing something much bigger than that.

POSTman started as an extension; hence my confusion. I was wondering if there was a technical issue I was unaware of.

Running standalone binaries by a VC-fueled project on your host is even worse.

I guess a separate quarantine browser profile is the best of both worlds?