Plugins guidelines adding warnings in Site Health

[marcarmengou]

Moving this ticket here: https://core.trac.wordpress.org/ticket/61251

I have seen a plugin with 1+ million installations adding warnings in the Site Health area, which have nothing to do with the security of the site. This particular warning appears under "Improvements".

The notice has a link that takes the user to an internal page of the plugin with two buttons:

1. Allow plugin connect to a third-party application to perform certain functions and synchronize information.
2. Buy the Pro version of the plugin.

I'm not against point 1, nor point 2. But I don't think it's right using the Site Health area to advertise features that are not improvements to the health of the WordPress site or its hosting environment.

It may be a good idea to narrow down what plugins can or cannot do in the Site Health?

I do not know if there are more plugins that do this or not, but it is possible that if it is not limited in some way, others try to take advantage of it for things that have nothing to do with the security of the site. As is this case.

[dd32]

This feels like something that would already fall under either Guideline 9 or 11. Even if not explicitly stated.

https://developer.wordpress.org/plugins/wordpress-org/detailed-plugin-guidelines/#9-developers-and-their-plugins-must-not-do-anything-illegal-dishonest-or-morally-offensive

https://developer.wordpress.org/plugins/wordpress-org/detailed-plugin-guidelines/#11-plugins-should-not-hijack-the-admin-dashboard

If you think it's against either of those guidelines as written, email the team with details and screenshots.
Otherwise, please do review the plugin with an appropriate rating.