Many add-ons have somewhat spookiy authorisation requirements, such as “access all of your activity”. In many cases this is justified by it’s function, and of course there isn’t any problem with it as long as we’re sure all this data stays on your computer and isn’t shared with any remote server. How are we sure of that tho? Is there an easy way to check for each add-on ?
Packet sniffer? Like wireshark maybe?
But wouldn't that just tell you, "Firefox was connecting to the internet"?
Nope, it'd give details. Combing through and decrypting those details is another matter, though.
You can MITM yourself and setup your own CA, no?
If you so chose to, yep.
No, it would say which packet is being sent to which destination.