Would also love to open a plugin from the URL. See discussion here: https://community.windy.com/topic/8925/how-to-document-a-plugin
It is considered a potential security threat. I though it was only possible to inject JS if the author of the plugin actively allows it, by appending a script element. I may be wrong?
So would I. I suppose the problem is dynamically injecting code into an app would be a security risk. Perhaps one day, the plugins could be offered as an in-app add-on.