You are right, COM can do some very dangerous things, but COM scripts are not a single line of mIRC code. As you can see in something as simple as writing/reading to/from the registry required ~10 lines. It would be harder to persuade a user to type all 10 of those lines into mIRC than it would be to persuade someone to type a single /regwrite line.