The variable plugin_maturity determines which plugins we can or cannot install. The default is One less than the server maturity. So you seem to agree that requiring the "stable" level might be unpractical.

But I don't think there is a magical maturity level that fits all cases and all plugins. We could set it to a looser value, but normally we'd do that just because we want to make one exception. Which defies the purpose of having plugin_maturity at all.

It would be better to set plugin_maturity=stable and have a plugin_whitelist variable which is a comma-separated list of plugins that we want to be able to use, regardless their maturity level.

Should this variable be dynamic? I don't have a strong opinion, but the case described in MDEV-17178 doesn't seem very relevant in my opinion. If an attacker has access to the filesystem they can destroy data, change data, create users, etc. If they just play with plugins instead, you should send them a thank you card.