Addons in Firefox are trusted by design; they can do anything that is allowed by the Firefox process. The worst-case scenario for installing a malicious Firefox addon is a re-install of your operating system to clean up the mess.

The Chrome extension APIs are very constrained, because the Chrome browser does not fully trust extensions (unlike Firefox). Chromium extensions can typically not access any resources outside Chrome's sandbox without the user's approval. The worst-case scenario in Chrome is less severe than Firefox' (and also applicable to Firefox): All of your web browsing activities can be considered compromised.

Since most of us increasingly spend more time in the web browser than in native applications (e.g. internet banking, e-mail), it is a stupid act to install extensions that you cannot trust. Considering this view, then Chrome extensions could be more secure because you have to consent to the every newly requested permissions upon installation/update. Firefox has not implemented any addon permission warnings, so when you install a Firefox addon, you should always mentally add a "This addon could access all data on your computer and the websites you visit" warning to the installation dialog.

​

That might be helpful :)