I would say it's equivalent to opening all email attachments in a VM, as there is a sandbox these things run in. That's security-wise though.

Privacy-wise there's certainly more fingerprintable data available to the program than what you would get in a typical VM.