As someone working on an extension right now, I can definitely say that you only need the “ActiveTab” permission. With this, the extension only becomes active (and can interact with the page) when the user right-clicks an image and selects the action from the extension.

No need for full read and write permission.