I was honestly scared of building a plugin system for a long time. Every time I thought about it, I immediately saw the rabbit holes: plugin storage with migrations and cleanup, sandboxed runtime with resource limits, shared JS context with all the XSS surface. It felt like a project that would eat the team alive.
When I finally started working on it, I forced myself to simplify as much as possible. No storage on our side, no plugin code in our runtime, iframes only for UI. Each decision removes an entire category of problems. And now that the PoC is done, the whole thing looks almost riskless.
I vibecoded the PoC with Claude Code in about 3 man-days. We're not shipping that code to production, but it was enough to validate the architecture at our internal hackathon where the whole team is now building apps with it.
Happy to answer questions about the architecture or the tradeoffs we made.