Does Disabling Safe Mode while using iCloud sync give plug-ins access to files in iCloud Drive?

Things I have tried

I have tried searching around and asking this question on reddit but didn’t find a solid answer…

Question:

Question is mostly in the title… I am trying to find out how secure/safe I am to use Obsidian in iCloud (allowing me to use on mobile and computer) while also using plug-ins. Is there any documentation stating what type of iCloud API is used by the devs? If the iCloud folder is sandboxed than I’m assuming that I don’t need to worry about plug-ins looking at other files and folders in my iCloud Drive? I hope my question makes sense. Depending on the answer will determine if I use Obsidian in the cloud or not due to security risks. The Safe Mode disable screen has me scared.

Thanks.