Comment by aucisson_masque
13 hours ago
I think that plugins are an inherent risk. There is a pop-up in Obsidian warning the user before enabling them, and it's up to the user to agree or not.
In my opinion, what could have been done is kind of like what Mozilla does, where it will vet some of the most popular extensions, so that you know there is at least some kind of verification on these extensions, and let everything else be wild.
I'm not sure that you can use AI to defeat AI; if an AI is able to spot malware in code, it can just as well hide it (from itself).
The blog post describes this but there are still manual reviews, similar to what you are asking for. We just need to expose that in the UI.
AI is not used in the review process. The system is primarily based on our open-source ESLint plugin, with additional dependency and malware scanning.
https://github.com/obsidianmd/eslint-plugin