As part of the release of Notation 1.0.0 we need to document the security best practices to use Notation in various scenarios for plugin downloads and installations. Things like:

• download from secure locations
• checksum verification
• eventually malware scan before use etc.
  Any other relevant guidance will be helpful for users to make better decisions for plugins.

Also, we need to document the associated risks with that.