Designing a marketplace for user-contributed content presents several challenges, necessitating considerations of security, consistency, and tooling, particularly in maintaining stable extension-building processes across various Directus versions. Over the past year, significant groundwork has been laid, including the development of the Directus Extensions SDK for scaffolding and building extensions, installation options via npm or external storage, and a robust metadata structure, all aimed at enhancing extension development and reliability. Currently, project admins are responsible for understanding the security implications of installed extensions, a situation that may change as users who install extensions might not manage infrastructure. The announcement of the Secure Extensions Framework marks a significant step in this development, providing aggressive sandboxing and requiring permissions for actions like external web requests and database operations, although existing extensions will remain functional in Directus 10.7 and future versions. Developers are encouraged to adopt the Secure Extensions Framework to align with the ongoing efforts to develop the Directus Marketplace, with further information available in the documentation and community support accessible via their Discord channel.