Perhaps,Purebrowser integrated addons mechanism - most prominently visible as the about:addons page - is linked with Mozilla addons service.
This both implicitly promotes non-free add-ons, and leaks user data to a third-party.
Previous releases of PureBrowser (releases based on Debian Iceweasel) linked to the FSF addon web page https://www.gnu.org/software/gnuzilla/addons.html - which addressed the promotion of non-free addons (assuming GNU-provided addons comply also with Debian guidelines), but still leaks user data.
One fix it might be worthwhile to create your ownis to create on the PureOS website a page like this,similar to https://trisquel.info/en/browser/addons/ - but that on the PureOS website: https://trisquel.info/en/browser/addons/too would leak user data.
Possibly best is to setup an APT trigger to generate a web page locally on the user machine which lists addons available to install with APT.