@aljoscha lets discuss possible security aspects of plugin systems in a fresh thread. This one is already a lot to get through, and I think we can consider security aspects somewhat independently of how the connections between plugins are arranged, at least - we can start by considering what can be controlled about a single plugin and work from there.