"Harmful" is a rather poor summary of [their actual position][1], which is closer to "this is a big change and we don't know what kind of effect this will have, so we're going to wait and see":

> There is a lot to consider with web packaging. Many of the technical concerns are relatively minor. There are security problems, but most are well managed. There are operational concerns, but those can be overcome. It’s a complex addition to the platform, but we can justify complication in exchange for significant benefits.

> [...]

> Big changes need strong justification and support. This particular change is bigger than most and presents a number of challenges. The increased exposure to security problems and the unknown effects of this on power dynamics is significant enough that we have to regard this as harmful until more information is available.

I think that's a reasonable position. I certainly wouldn't summarize it the way they did though.

[1]: https://docs.google.com/document/d/1ha00dSGKmjoEh2mRiG8FIA5s...

Yet they didn't consider Cliqz harmful when they shipped that. Pot calling the kettle black, I'm using IceCat where possible instead.