Maybe I shouldn't be listening to music when trying to think after all... There are some serious flaw with the previous post. Automatically allowing plugin-to-plugin communication based on capabilities is sensible in a setting where you don't trust any plugins at all, but why would hand out capabilities then. If you hand out a capability to a plugin, you trust it not to misuse it, including not indirectly giving that capability to untrusted plugins through rpcs. So in some sense we could actually trust the claimed capabilities of rpc methods. Placing this trust into plugins allows to give access to some functionality to a less trusted plugin, using the trusted plugin as a filter.

So yeah, much of the previous post is garbage... Sorry about that.