It's publicly accessible because I wanted to make life easy for language developers. It's not a security threat per se, since all it does is read files and output stuff. But I take the point about it revealing if certain plugins are installed. If this bothers you, the file is easy to remove. I will think about this for the next maintenance version.