Could you please clarify the difference between dll and xml for me then? If that is the case then it seems I misunderstood the differences and what each could do.
XML modding is a text file that contains data in a specific format (XML). The game reads that text file in, parses it, and then goes. That lets someone create new ship data, modify existing ship data, and such. The important bit is that it's just data that an XML parser reads. No code is executed. Barring an error in coding that leads to an exploit, this should pose no security risk to your computer at all as nothing is being executed. The base game itself has its data in XML files, so it reads these mods the same way it reads those.
DLL modding is a compiled assembly, probably (but not necessarily) written in C# that the game loads and calls functions in. Because it's executing code, if it's not sandboxed by the game, it has access to your entire system at the same privilege that the game itself has. Under a properly configured Windows 7+ installation, that means it's running with user permissions and can do things like see your documents, but can't do something like install a rootkit without using a privilege escalation exploit against Windows itself. On improperly configured Windows 7+ installations (admin account with UAC disabled) and most XP installations, the mod could run as Administrator, and thus do ANYTHING.
Properly sandboxed, DLL mods have much more heavily restricted access to the system and are reasonably safe. If there is an error in the sandbox or if it's not in place, those mods can do anything that any program you download online can do, and thus are only safe if you know the author can be trusted and the DLL hasn't been tampered with (ie: code signed).
If you are concerned about security, stick to XML mods only. They're safe by design, barring some kind of exploitable bug in the game itself, which given the state of .net XML parsing and string handling, should be extremely unlikely.
