As a user, you should only provide your facebook credentials to facebook, or your twitter credentials to twitter. This extension encourages users to submit their twitter credentials to the site where the extension is installed. The extension handles them properly and sends them to twitter using https... but the user cannot know that.
Note please that I'm not saying that this is a malicious extension: it is not. I'm only saying that, as a user, you shouldn't be using any site that uses this mechanism because your password can be stolen.