The tirith project on github tackles an interesting security challenge: Homographic attacks.
In short: An url looks like a regular known fqdn based url, but in fact it uses the new International character based urls to carmouflage spoofed services.
The package aims at non browser based attacks via eg terminal.
The code is maybe containing a lot of Claude generated stuff and that is clearly noted, so I do not suggest to use it without review.
I think it is helpful to be aware of the challenge when keeping Plone portal transforms during save uptodate with security challenges.
I had not the time to review an example in Plone. But you find some in the README of tirith.