Good point. Doing our best to mitigate this risk profile. Private keys are never exposed through the API, browser/extension are isolated environments and wallets MUST implement authorization/signing/broadcasting user confirmations.