On 01/07/09 23:37, Justin Scott wrote:

I think that designing trust systems that are hard to game is a really,
really difficult problem, and you need to talk to people who've done it
before you try :-) Advogato (http://www.advogato.org/) was an early
platform for this sort of research.
http://www.advogato.org/trust-metric.html

Let's adopt the perspective of a bad actor who wants to get a malicious
extension onto AMO so people will install it and he can steal their data
or control their machine, and go through the proposed inputs and have a
think about which can be gamed, and how. Of course, the more metrics
there are, the more questions you have about how the scores combine. If
scores are, say, added, a bad actor may only need to game a few metrics
to get their scores above whatever the magic figure is.

# Editor Review - an editor's assessment of the add-on
- No more gameable than it is now, although editors may do less
detailed work if they are relying on the trust system, and if the
aim of the exercise is to reduce the amount of editorial control
needed
# Active Users - the number of users who have the extension installed
- Presumably measured by update pings? Very easily gameable.
# Ratings - the Bayesian rating of an add-on based on all user reviews
- Given that we don't control accounts very well, this would be
fairly easily gameable too - just robot in good reviews.
# Flags - the number of times a user has flagged the add-on as a
violation (to be implemented)
- Not gameable, as the bad actor cannot reduce the number. But of
course you need to implement it. And if people's data is being
stolen or their privacy is being violated, they may well not notice
so they won't flag it. This is also an "enumerate badness" model.
# Add-on Verification Tool - automated check of add-on packaging,
adherence to policies, and common security problems (to be
implemented; see spec)
- Given that the tool will be free software, malware can be written
to pass the checks. Given JavaScript's ability to create code
from strings, I suspect it's very hard to write a full fidelity
code checker. This is the halting problem.
# Support Information - does the author provide a support URL or e-mail
address?
- Trivially gameable.
# Other Add-ons by the Developer - how much do we trust the other
add-ons this developer has made?
- Gameable only in that we can apply the same gaming tactics to the
other add-ons.

In the thread, other people have suggested:
# How active the add-on author is (Cesar Oliviera)
- Easily gameable.
# % change from previous version (Morac)
- Easily gameable. Make most of the changes you want in a previous
version, then do a small update which just enables the nastiness.

All in all, not a great result for non-gameability.

I would suggest that a better approach would be to trust people, in an
Advogato-like model, and have that trust flow through to extensions and
other people only so far as the trusted people are willing to endorse
them. This is sort of like a modified version of the current system,
which is effectively that extensions go from 0% trusted to 100% trusted
upon the endorsement of a single reviewer. Instead, we could encourage
add-on authors to become part of the trusted, reviewing and endorsing
community, and express their preferences for trustworthy add-ons on the
site. The value of their endorsement would depend on their
trustworthiness, which would depend on the trustworthiness of those who
trust them, and so on. The "trust anchors" would be the existing reviewers.

Gerv
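The trust-flow model sketched in the last paragraph, as an added example that is not from the original thread and not Advogato's own code: a small Advogato-style flow metric in Python, where trust from the existing reviewers (the anchors) flows along endorsements, each node's capacity to pass trust on shrinks with its distance from the anchors, and a bad actor's sock-puppet accounts are therefore capped by the capacity of the one endorsement they sit behind rather than by how many accounts the bad actor creates. The endorsement graph, the capacity table and all names are constructed assumptions.

```python
from collections import defaultdict, deque
# Capacity a node may pass on, indexed by distance from the trust anchors
# (values are assumed for illustration; Advogato's own table differs).
CAPACITY_BY_DISTANCE = [8, 3, 2, 1]

# Constructed endorsement graph: the existing reviewer is the trust anchor;
# "eve" is a bad actor who has created five sock-puppet accounts.
ENDORSEMENTS = {"reviewer": ["alice", "bob"], "alice": ["carol"],
                "bob": ["eve"], "eve": [f"sock{i}" for i in range(1, 6)]}
SEEDS = ["reviewer"]

def bfs_distance(endorsements, seeds):
    # Shortest endorsement-path length from any seed to each reachable node.
    dist, queue = {s: 0 for s in seeds}, deque(seeds)
    while queue:
        u = queue.popleft()
        for v in endorsements.get(u, ()):
            if v not in dist:
                dist[v] = dist[u] + 1
                queue.append(v)
    return dist

def augment(cap, u, sink, seen):
    # Push one unit along a residual path (every sink edge has capacity 1).
    if u == sink:
        return True
    seen.add(u)
    for v, c in list(cap[u].items()):
        if c > 0 and v not in seen and augment(cap, v, sink, seen):
            cap[u][v] -= 1
            cap[v][u] += 1
            return True
    return False

def trusted(endorsements, seeds):
    # Advogato-style flow metric: each node is split into in/out halves, in->out
    # carries capacity-1, in->sink carries 1; trusted = unit sink edge saturated.
    dist = bfs_distance(endorsements, seeds)
    cap = defaultdict(lambda: defaultdict(int))
    for node, d in dist.items():
        c = CAPACITY_BY_DISTANCE[min(d, len(CAPACITY_BY_DISTANCE) - 1)]
        cap[("in", node)][("out", node)] += c - 1
        cap[("in", node)]["sink"] += 1
        for v in endorsements.get(node, ()):
            cap[("out", node)][("in", v)] += len(dist)  # effectively unbounded
    for s in seeds:
        cap["src"][("in", s)] += len(dist)
    while augment(cap, "src", "sink", set()):
        pass
    return {n for n in dist if cap[("in", n)]["sink"] == 0}
```

With the constructed graph, exactly one of eve's five sock puppets is ever accepted, and withdrawing bob's endorsement of eve drops eve and all the puppets out of the trusted set.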