The Microsoft Office applications were originally designed for end-user ribbon modifications.

As I originally stated, it is NOT modifying the ribbon that is the issue, it is the use of VBA that is the security issue. VBA is only a security issue because Office is used by lots of people who are routinely careless about security.

There are other methods of customizing Office:

• VSTO - not cross-platform as it can only be used with Windows.
• Office JS Apps - cross platform but the API doesn't have the depth that the COM object model does.

Microsoft has wanted to kill off VBA for a long time, but every time it tries to replace VBA with a modern technology it has only limited success. However, use of, and interest in, VBA has dwindled in recent years so perhaps they'll finally get their wish.

Customizing the Ribbon is only a security risk if it requires code to be executed, and it is the code that is executed that is the security risk not the Ribbon XML. I doubt that any bad actor would bother to modify the ribbon when code can be executed automatically simply by opening a document.