How to sign our custom plugin or make it trusted?
This process is not yet defined.
We would like to have some kind of review process before external plugins are signed. To ensure at least that they are not harmful. In the future, it is planned to establish this process.
How should we have review?
For example by giving us the pointer to a GitHub repository or by applying for a kind of certificate, but as I said this process is not defined yet.