I'm not sure that "Plugins will declare what they access" should be interpreted as a planned sandbox system. My (cynic) interpretation that it's an opt-in honor system, that would give a good overview about well-maintained plugins, but doesn't do anything to restrict undesired API access by malware.
However, a permissions system alone is not enough. For example if a user allows a plugin with network connections, it would be easy for a plugin to abuse that permission. That's why scanning the code is still necessary to give users trust in the plugin.
Take a look at scorecards on the Community site, you'll see why some issues are not something a permissions system or sandboxing could catch.
What actually matters is that the plugin developer is pro-social, discloses the behavior, the user accepts that disclosure, and that the user isn't duped by their inability to review all of the code for every update.
I do think that self-reports on permission usage are a step in the right direction, and can also help in decentralized uncovering of unintended API access.
However I think with the recent pace of supply chain attacks, I think we'll be in for a rough couple months until a sandboxing system is added.
You must be new around here.
Forcing a migration seems really user-unfriendly unless there's a symlink or something.
We have a "caution" score because our plugin (system3-relay) has a 3 in it (part of our business name), and we have thousands of daily active users that would need to essentially download a new plugin if we change it.