Im just wondering if XF has a policy regarding plugins and in regards to what can and cannot be tacked to the code.. for example if a plugin contains code to scrape my site and this is all done without knowledge or consent of the site owner do the powers that be care? i mean its not like all of us can open up a file and understand what its doing.. Some of us just have to trust the product does what it says and no more.. I know there is no QC here in relation to plugins, and im certain the policy in relation to customers is Buyer Beware,, Im also sure the code would be discovered sooner then later by members more talented than myself..
FYI the above is an example only and am not aiming this discussion at any one particular developer..
I think if the situation was considered to have a negative impact on its customers, then yes, XenForo would take action. It would be first advisable to take it up with the add-on developer, though. It may be a mistake or unintentional or other explanation. It's only fair to give them the opportunity to rectify it themselves.