A plugin user has reported a “tool” he created for splitting out the ARM vs x86 code from published, notarized plugins to “save space”. https://gearspace.com/board/new-product-alert/1456018-free-unfatten-free-up-dozens-hundreds-gb-your-mac-trimming-fat-your-plugiins.html
If he is able to do this (strip out parts of signed and notarized file) then its seems to me that the Signing and Notarization process isn’t offering any hacking/malware protection. Why isn’t the Apple notarization/signing/validating system preventing this?