While personally do understand the security risks of enabling placeholders for Kee, I cannot see how reference placeholders could pose any threat whatsoever. And it’s quite annoying that I either have to manually enable placeholders on all entries using reference placeholders or enable them on the entire database (which is a bad idea).
So my idea would be to add a third global option that doesn’t evaluate any placeholders except references and make that setting the default for new databases. I think this is a reasonable compromise between security and usability.
Additionally two more settings could be nice. These would be placeholder whitelist and blacklist (so 5 settings for how placeholders are evaluated. Or 4 if my suggested feature are the default entries for the whitelist).