The point is to reduce the attack surface, especially for browsers that run untrusted input. You don't want a local exploit in your browser (that hopefully is also configured not to have access to your entire filesystem) to screenshot other apps and websites. Maybe you disable all the warnings in IntelliJ too that prompt you to be careful when opening a new Git project from a remote source?