Shopify's EmbeddedSDK does plugins (or "apps") very securely, but it comes at a development price. Instead of getting write access and running code on the server directly, you basically interact with an API via an embedded web page. Basically an Iframe. The API is more secure than getting to execute arbitrary code; but it is more restricting as a developer. Not perfect, but much better.