Thread:Extension talk:UserFunctions/More secure version suggestion

The page says that this extension has a major security risk because these functions can be used to superficially hide information from sysops and can expose e-mail address.

I have some suggestions to enhances this extension and make it safe:
 * Limit its functionnality to some namespace where only sysops can modify pages (MediaWiki:) to define message.
 * Add the possibility to select only some functionnality of this extension and disable the other (like #useremail).

It would be great to enable this extension on Wikimedia sites, in particular for the #username, otherwise the   tag is quite useless.