Got it, thanks. And yes, you're right, after checking, Chrome extensions don't have access to local files by default. I checked all of the extensions I have (after disabling them all) and none had "file access" enabled.
that doesn't let you launch processes, it lets you interact with running ones. even if the chrome extensions could launch new processes, they run inside Untrusted integrity level on Windows, you can verify this at chrome:sandbox and checking the Chrome task manager (shift+esc). You cannot interact with processes above your own integrity level nor launch processes with an integrity level higher than your current.
Do Chrome extensions have access to the file system too? Is there a chance my local KeePassX file has been siphoned off?
Thanks