USE CAUTION WHEN DOWNLOADING PLUG-INS FROM UNKNOWN AUTHORS. As with any VIs you pull from the web, use caution. Take a moment to glance at the block diagrams of the code and make sure the plug-in does what it is advertised to do. The plug-ins uploaded by NI have been locked so that they can only be edited by NI employees to ensure contents are not replaced by malicious entities.
To identify where to install a plug-in, look at its tag for either edit-time or run-time location. If a plug-in is untagged, you'll have to contact the author if it is not obvious. In this image, two plug-ins are tagged and two are not.