We auto-run all notebooks, but that is a security issue when using Pluto to open unfamiliar notebooks from the web

About executing Julia code:

I think the best solution is to prompt the user about trusting a notebook before they run it. Maybe require them to scroll through the whole thing? Recent notebooks and sample notebooks don't need that prompt.

(Recent notebooks can change outside of a Pluto session, but if that would introduce a security issue, then the real security issue is that someone can change local files without your knowing.)

About executing JavaScript:

Any <script> elements in HTML output are executed. This includes scripts not authored by the user.

Jupyter has this:

https://jupyter-notebook.readthedocs.io/en/stable/security.html#the-problem

Observablehq has a much better solution for JS security: they run all user HTML and JS inside an iframe with a separate domain. That way, the browser's same-origin policy, rather than application code, keeps that HTML and JS away from the main page.
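One way that Observable-style isolation could look in Pluto's front end, as an added example that is not Pluto's or Observable's code: the output frame is served from a separate origin, the parent sends the cell's HTML with an explicit target origin, and each side drops messages from anyone else. PLUTO_ORIGIN, OUTPUT_ORIGIN, /frame.html and the function names are assumptions.

```javascript
// Added example, not Pluto's code; PLUTO_ORIGIN, OUTPUT_ORIGIN and /frame.html are placeholders.
const PLUTO_ORIGIN = "http://localhost:1234";          // where Pluto's UI runs
const OUTPUT_ORIGIN = "https://pluto-output.example";  // separate domain for output
const FRAME_URL = `${OUTPUT_ORIGIN}/frame.html`;

// The frame keeps its own origin, so the same-origin policy keeps its scripts
// away from Pluto's DOM, cookies and storage. "allow-same-origin" is only safe
// because OUTPUT_ORIGIN differs from PLUTO_ORIGIN; on the same origin a script
// could strip its own sandbox. Navigation and forms stay disabled.
const SANDBOX_TOKENS = ["allow-scripts", "allow-same-origin"];

function frameAttributes(cellId) {
  return {
    src: FRAME_URL,
    sandbox: SANDBOX_TOKENS.join(" "),
    title: `output of cell ${cellId}`,
  };
}

// Parent side: trust a message only if it comes from our own frame window
// and from the output origin; anything else is dropped.
function isTrustedFrameMessage(event, frameWindow) {
  return event.origin === OUTPUT_ORIGIN && event.source === frameWindow;
}

// Frame side (served from OUTPUT_ORIGIN): accept render requests only from
// Pluto's origin, then execute the HTML as this frame's document, where any
// <script> runs sandboxed. Returns whether anything was rendered.
function applyRenderMessage(event, doc) {
  const data = event.data;
  if (event.origin !== PLUTO_ORIGIN || !data || data.type !== "render") return false;
  doc.open();
  doc.write(data.html);
  doc.close();
  return true;
}

// Parent side, browser only: mount the frame and ship the untrusted HTML to it.
// The explicit targetOrigin means the HTML is delivered only if the frame
// really is OUTPUT_ORIGIN, never to a page a redirect swapped in.
function mountCellOutput(doc, container, cellId, html) {
  const iframe = doc.createElement("iframe");
  for (const [k, v] of Object.entries(frameAttributes(cellId))) iframe.setAttribute(k, v);
  iframe.addEventListener("load", () =>
    iframe.contentWindow.postMessage({ type: "render", cellId, html }, OUTPUT_ORIGIN));
  container.appendChild(iframe);
  return iframe;
}
```

The frame page at /frame.html would register `applyRenderMessage` as its "message" listener, and the Pluto page would gate any replies with `isTrustedFrameMessage`.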

Security of HTML and JS is much more relevant when you use Pluto in a web-hosted environment with credentials and such, but that's still very far away for us.