The capability restriction system introduced in #89 is currently working on a per-VM basis, but it should be done on a per-plugin basis because users can provide capability restriction configurations for each plugin, not for each VM.
Let's make the capability restriction work on a per-plugin basis. The implementation design is to be discussed in the comments.