@macberg yes as I see it incompetence can happen equality on both sides. stuff that leads to hacks by accident.

malice is harder to do when the code is open though.

also, proprietary + commercial vendors much more often have analytics and other network related features vs opensource plugins, so I am then more skeptical of them in general. a plugin requiring libcurl is often a red flag for me.