I second this. As there is no way to know which users have "subscribed" to the bot, it might be a realistic threat vector. Is there any way the plugin can be made open source, maybe, so that the community could help with the implementation of this feature?