Yes, browser extensions can help detect suspicious secret-like patterns in frontend assets that are already reachable in the browser. But detection is limited to what the browser can access and what rules can sensibly surface.
What they can do well
Observe shipped frontend assets
Scan JavaScript bundles for suspicious patterns
Preserve evidence in context
What they cannot do alone
Prove exploitability automatically
See server-side secrets that never reach the client
Replace human validation and broader security testing