Here is a repository, which keeps record of some malicious extensions/apps on Chrome Web Store, and their source code.
You are welcome to make pull requests to add more extensions.
You can use some tools like http://crx.zhuzhu.org to download crx files of Chrome apps/extensions, and unzip them to check all the source code.