Question regarding PRF extension

Hey, I just had this question raised to me about the PRF extension of
WebAuthn and I figured it was worth passing on here.

Would it make sense to require the Webauthn platform API to get wrapped in
a ShadowRealm object when they become available to prevent browser
extensions from tampering/intercepting the requests?

Generally speaking my understanding is that browser extensions are
considered trusted within the browser threat model and therefore it's fine
for them to be able to intercept the PRF extension value of any origin.

Here's an example:

// Modify some global objects. For example, MITM the webauthn APIs to
// capture secrets.
const createCredential =
    navigator.credentials.create.bind(navigator.credentials);
navigator.credentials.create = function create (options) {
    // PRF input the relying party passes in the create() request.
    const secret = options?.publicKey?.extensions?.prf?.eval?.first;
    if (secret) {
        console.warn('injected: intercepted prf');
    }
    return createCredential(options);
};

const getCredential = navigator.credentials.get.bind(navigator.credentials);
navigator.credentials.get = function get (options) {
    // largeBlob data the relying party passes in the get() request.
    const secret = options?.publicKey?.extensions?.largeBlob?.blob;
    if (secret) {
        console.warn('injected: intercepted largeBlob');
    }
    return getCredential(options);
};

This seems like it wouldn't be a good idea to allow interception for the
PRF extension by browser extensions, nor should they be allowed to tamper
with any WebAuthn API related requests for that matter. Especially when
considering the context that Password Managers want to use this extension
to encrypt the password data [1]. What's the general thinking on this and
would ShadowRealm objects be adequate for achieving this protection, or
would we need an alternative means to achieve this?

[1]:
https://groups.google.com/a/chromium.org/g/blink-dev/c/iTNOgLwD2bI/m/1zKXsF7uAgAJ?pli=1

Received on Thursday, 7 September 2023 01:00:13 UTC
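As an added example, not part of the original post and not code from any browser or the WebAuthn spec: one heuristic a relying party can run before handing PRF inputs to navigator.credentials.create is to check whether the function still stringifies as engine-native code, since a JavaScript wrapper like the one in the post stringifies to its own source text. The example uses a constructed stand-in for navigator.credentials so it runs under Node, and it also shows the two limits of the check: a script that can replace create() can equally replace Function.prototype.toString, and a bound native function (the wrapper's own createCredential reference) passes the check unchanged.

```javascript
// Added example (not from the original post). Heuristic tamper check a
// relying party could run before sending PRF inputs to
// navigator.credentials.create. Assumes any ES2020+ engine; a constructed
// stand-in for navigator.credentials is used so it runs outside a browser.

// Keep a reference to the untouched toString before anything else runs, so a
// later replacement of Function.prototype.toString does not affect the check.
const nativeToString = Function.prototype.toString;

// Engine built-ins stringify as "function name() { [native code] }"; a
// wrapper written in JavaScript stringifies to its source text instead.
// Heuristic only: whoever can replace create() can also replace toString,
// and bound functions are reported as native by the engine.
function isLikelyNative(fn) {
  if (typeof fn !== 'function') return false;
  return /\{\s*\[native code\]\s*\}\s*$/.test(nativeToString.call(fn));
}

// Constructed stand-in for navigator.credentials. Any harmless native
// function works here; only its native-ness matters for the check.
function makeCredentialsStandIn() {
  return { create: Object.freeze, get: Object.freeze };
}

// Wrap create() the way the post's injected script does (without the
// logging), to show what the check sees afterwards.
function applyWrapper(credentials) {
  const original = credentials.create.bind(credentials);
  credentials.create = function create(options) {
    return original(options);
  };
  return credentials;
}

// Result a relying party would inspect before using the PRF extension.
function checkBeforePrf(credentials) {
  return {
    createLooksNative: isLikelyNative(credentials.create),
    getLooksNative: isLikelyNative(credentials.get),
  };
}

// Refuse to pass PRF inputs through a create() that no longer looks native.
function guardedCreate(credentials, options) {
  if (!isLikelyNative(credentials.create)) {
    throw new Error('navigator.credentials.create was replaced; not sending PRF inputs');
  }
  return credentials.create.call(credentials, options);
}

// Caveat demonstration: a bound native function still reads as native, so
// a wrapper built only from bind() would not be caught by this heuristic.
function boundWrapperEscapesCheck() {
  const bound = Object.freeze.bind(Object);
  return isLikelyNative(bound);
}

// Usage: compare an untouched stand-in with a wrapped one.
console.log(checkBeforePrf(makeCredentialsStandIn()));
console.log(checkBeforePrf(applyWrapper(makeCredentialsStandIn())));
console.log('bound function passes check:', boundWrapperEscapesCheck());
```

The check is useful as a tripwire, not as isolation: it raises the bar only for a wrapper that is careless about toString, which is exactly why the question of whether the platform should provide a realm-level guarantee matters.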