Heh, what a perfect setup for attackers.

UI is perfect for 'vote' manipulation. That is download your own plugin hundreds of times to get it to the top. Make it look popular.

No way to share to other that the plugin is risky.

Empowers users to do dangerous things they don't understand.

Users are apt to have things like API keys and important documents on computer.

Gold rush for attackers here.