The "access all pages" permission is required for "content extensions". That's any extension that interacts with web content. They can limit themselves by domain, but that's it.
Even simple UI tweaks, like changing how scrolling works, can often only be implemented by injecting into every page. Since Chrome doesn't understand the meaning of any web content, it can't pick and choose what an extension has access to in any useful way. As a result, the permission model is just not terribly useful for extensions, besides the site-specific ones.
Also, last I checked, reviews worked essentially like comments and I could effectively reply to issues on my extension's page. Maybe that has changed by now.
There's a big difference between "can access your data on domain.com" and "can access your data on all websites". (And not all extensions need to modify pages, even Chrome ones.)
I didn't say you shouldn't install extensions that require content privileges (indeed I would highly recommend that you install at least one [1] [2]); just that you should do so with care, and decide whether you trust their authors, because of the broad access they have. The advantage of the Mozilla approach of reviewing every extension is that they (partially!) offload some of the trust decision from the user onto the reviewers.
As I said above, you can respond to a review with your own review, but that's a broken way of doing it: the author's response isn't visually distinguished, and there's no way to ensure it appears anywhere near the review it's responding to, so there's a high chance prospective users will just read the negative or misleading review without seeing the response.
(Concretely: someone can "review" your extension by saying "this extension is evil and spies on all the sites you visit", and your only options as an author are to leave another review halfway up the page saying "@anonymous: oh no it doesn't", or to abuse the "mark review as spam" button.)
Even simple UI tweaks, like changing how scrolling works, can often only be implemented by injecting into every page. Since Chrome doesn't understand the meaning of any web content, it can't pick and choose what an extension has access to in any useful way. As a result, the permission model is just not terribly useful for extensions, besides the site-specific ones.
Also, last I checked, reviews worked essentially like comments and I could effectively reply to issues on my extension's page. Maybe that has changed by now.