Very interested but haven’t committed to Obsidian due to ongoing security concerns on the plugin side. This has been covered in some forum threads, that any plugin could have access to any part of your system drive, by design/necessity, and so technically, any plugin could to rogue and leak financial or other data from your machine. The main counterweight to this is people seeing the source at git, and then flagging/alerting on any malicious code. That’s a huge trust to put in other people.
At the same time, plugins are fire. I mean, to me, they are single-handedly creating an obsidian tsunami of great features, and a much faster market adoption of the main product.
But how can enterprises honestly be able to deploy a system with such loose security? But if they ban all plugins but system ones, though, they lose out on a boat-load of cutting edge ideas, features, and functionality.
Could there be, or is there someone looking into a plugin that can act as a supervisor to other plugin activity? Like an ‘endpoint security’ plugin, that can monitor other plugin calls for internet activity, or–?? I’m not software-savvy enough to further flesh out my question…