Signed browser plugins with hardcodded checksums sound like the most practical/obvious solution.
I mostly like this idea, however 'hardcoded checksums' sounds like it could be a pain since many of these projects are updated every couple months. Any way to make the checksums more flexible?