We have an offshore team in country [X] working on feature work and bug fixing on our enterprise level software product [X]. It is a horrible nightmare. Offshore creates more problems than they solve, they don't respond to explicit direction, they double, triple and sometimes quadruple bill while simultaneously producing very small amounts of actual work. We finally had to cut off their access to source control, and all check-ins have to go through an onshore dev for approval before it can be integrated. We are letting them go in the next week or too. But seriously, it can really be a waste of time and money for all involved.

A lot of extensions request access to your browser's X, Y, & Z... and sometimes your entire file system (???) But since we (the user/s) wants to use the provided functionality in the extension, we all click "OK". Just from reading those notifications, it is still unclear WHY the extension needs those access permissions, or WHAT the extension might be doing with said access. How can we know/understand more about this process? Where is the source path of the extension & should we just be looking at the source code (assuming dev experience)?