This is one of the reasons why I've never trusted browser extensions that interact with your password manager....it always seemed like the obvious weak point of security.

I much prefer to just manually copy/paste so that your actions are explicit.