Also I don't particularly recommend this approach, a vulnerability hiding within browsers might allow for maliciously modifying the program arguments before they are sent to the program.
Everyone must double and triple check everything in their wallet's Send window before they actually sign the transaction and broadcast the transaction to the network. This is regardless of the method they are using. That is why I disagree with using this as a reason for not using this method since any other method (copy and pasting, or using QR) can have similar vulnerabilities that lead to a modified variables.