Chrome really needs to introduce a extension denylist. The effect of malicious extensions would be less if you could exclude banking and other sensitive websites.

The current Allowlist is not sufficient because some extensions need to work across most sites.