I feel like plugins are going to be really difficult to figure out. How are they going to allow javascript to be dynamically loaded in at runtime and ensure any kind of safety?
Sadly, I could not find the original paper, but we studied this in my security class. Google allows add-on extensions in google docs that are untrusted. They do this by transforming un-safe behaviors in the source javascript to safe, contained behaviors in the plugin that actually runs. This technology could be adapted for this project as well.
