I'm forwarding a point made by Bartosz Leper: My only concern now is privacy. I would strongly recommend enforcing a confirmation dialog that would pop up each time the user drops files onto a drop target, and ask him directly whether he allows the app to use these files. This is important because we're changing the way that browsers work by default. So if a user wants to open some private file by dropping it on the browser, and the browser displays a malicious page... You know what could happen. This is part of a more general issue that I always blame Gears for - providing not enough clear messages to the user - but I suspect I'll need another thread to express my opinions in this matter.
If you think that such pop-up could be disturbing in long term, I'd suggest a domain-wise "don't ask me again" option.
