As @juraj.masiar noted in a reply on another thread, the “Access your data for all websites” message is displayed as a result of requesting "<all_urls>" or other broad host permission patterns (e.g. *://*/*). Similarly, Chrome uses the string “Read and change all your data on all websites”. Safari uses a slightly different model for host permissions, where the default flow has users give out timed grants to specific hosts, but in that flow they use a message that conveys the same basic idea.
Image via Grammarly Support
The main alternative is to use the activeTab permission to grant access in response to a user invocation such as clicking the browser action, selecting a context menu entry, or triggering a keyboard shortcut. The main disadvantage of using activeTab is that your extension can’t passively take action on behalf of the user – the user has to consciously trigger the extension when they want it to do something.
activeTab can also be combined with declaring <all_urls> as an optional host permission in the extension’s manifest. This makes it possible for an extension to detect that the user has invoked the extension multiple times on the same website and to ask the user if they would like to give the extension access to that site via permissions.request.
Thanks for your suggestions on improvements to the AMO experience. I’ll pass this along to the team for consideration.