Do you mean that I could write it, send it to you, you make sure it’s not doing anything malicious and then add it to JGO? Or that we could just upload our own plugins on the fly?
Your servlet container will run in it’s own JVM (with a heap of 16MB) with a pretty tight SecurityManager.
Still we’ll have peer-review before anything is published.