When I was a Google employee, I helped a friend go through their account lockout issue. It was because they used MFA to a phone number, but later changed their phone number, which made them unable to login. He tried so many times that some velocity threshold was hit, further limiting the possibilities.
My friend needed to respond to some interview scheduling, so, it was a stressful situation.
Part of the problem was that it was hard for my friend to find a way to create a support ticket. He did in the end and got in a line of communication via an alternate email.
There were many miscommunications from both my friend and the support agent. While Account Recovery or even basic identification are hard to navigate for technically-minded folks, it's even more challenging for non-technical folks, including the support agent.
In the end, I got in touch with the support person, helped translate what they wanted to know to my friend, and likewise, translated what my friend was saying in a way that the support person could understand.
I don't think I was able to see the support ticket itself, because of PII restrictions. In the end, my friend was able to restore service. I doubt he'd have been able to without my support in time to respond to the interview scheduling.
We made sure that the activation of the API is gated by:
1) User Activation checks
2) When access to the file system is requested, a File Picker is necessary
3) When the API is in use, there are plenty of indication that it's being used
We put a lot of thought in Privacy and Security, as we do for all APIs.
I worked on this. The quote is true, in all honesty. Same as downloading and running applications from the web.
We do our best to make sure the scenario listed doesn't happen. For instance, on Windows, after a writer is closed, we apply the Mark-of-the-Web, apply SafeBrowsing checks and finally call a system API which may trigger an anti-virus check.
On the Mac, we apply the equivalent of Mark-of-the-Web. You may have noticed that when you open the file, sometimes it asks you to ensure the provenance of the file?
Basically, it's a similar procedure as for file downloads.
Edit:
I forgot to say that "sensitive" directories are not allowed.
Think C:\Windows, etc.