We defined the Android security permissions that Firefox for Android requests on installation. These permissions put a hard limit on what the browser extensions can and cannot do. It was found that many permissions are requested which in turn can allow an extension to perform dangerous actions. These actions were formalized into an extension that clearly demonstrated each action