Our absolute top priority is security, hence why it's under an experimental flag that forces you to whitelist the allowed domains that you accept URL imports from.
Not only that, but before the feature goes GA, we plan to double down on our Web runtime alignment, and execute URL imports exclusively in the context of the browser sandbox (e.g.: the V8 Isolate that backs a ServiceWorker).
This is the trajectory that we are taking for most code execution at development time, and it's the technique that backs nextjs.org/live, which is the version of the dev server that runs 100% in the native browser (no VMs!).
URL Imports represent an opportunity to build a system for sharing ES modules that's much safer than what folks are doing what npm today, in my humble opinion.