diff --git a/src/plugin/plugin.go b/src/plugin/plugin.go
index b2a0fbe3ea2..a5489e638b9 100644
--- a/src/plugin/plugin.go
+++ b/src/plugin/plugin.go
@@ -13,8 +13,56 @@
 // already part of the program are called. The main function is not run.
 // A plugin is only initialized once, and cannot be closed.
 //
-// Currently plugins are only supported on Linux, FreeBSD, and macOS.
-// Please report any issues.
+// # Warnings
+//
+// The ability to dynamically load parts of an application during
+// execution, perhaps based on user-defined configuration, may be a
+// useful building block in some designs. In particular, because
+// applications and dynamically loaded functions can share data
+// structures directly, plugins may enable very high-performance
+// integration of separate parts.
+//
+// However, the plugin mechanism has many significant drawbacks that
+// should be considered carefully during the design. For example:
+//
+//   - Plugins are currently supported only on Linux, FreeBSD, and
+//     macOS, making them unsuitable for applications intended to be
+//     portable.
+//
+//   - Applications that use plugins may require careful configuration
+//     to ensure that the various parts of the program be made available
+//     in the correct location in the file system (or container image).
+//     By contrast, deploying an application consisting of a single static
+//     executable is straightforward.
+//
+//   - Reasoning about program initialization is more difficult when
+//     some packages may not be initialized until long after the
+//     application has started running.
+//
+//   - Bugs in applications that load plugins could be exploited by an
+//     an attacker to load dangerous or untrusted libraries.
+//
+//   - Runtime crashes are likely to occur unless all parts of the
+//     program (the application and all its plugins) are compiled
+//     using exactly the same version of the toolchain, the same build
+//     tags, and the same values of certain flags and environment
+//     variables.
+//
+//   - Similar crashing problems are likely to arise unless all common
+//     dependencies of the application and its plugins are built from
+//     exactly the same source code.
+//
+//   - Together, these restrictions mean that, in practice, the
+//     application and its plugins must all be built together by a
+//     single person or component of a system. In that case, it may
+//     be simpler for that person or component to generate Go source
+//     files that blank-import the desired set of plugins and then
+//     compile a static executable in the usual way.
+//
+// For these reasons, many users decide that traditional interprocess
+// communication (IPC) mechanisms such as sockets, pipes, remote
+// procedure call (RPC), shared memory mappings, or file system
+// operations may be more suitable despite the performance overheads.
 package plugin
 
 // Plugin is a loaded Go plugin.