It's also a potential security risk if macros have unfettered access to the file system of the build machine, where some third-party dependency could read arbitrary files and embed their contents into a binary that gets shipped somewhere.
One way to handle this, if you want macros to be able to read files, is to require that the paths to those files be passed to the compiler, and provide a specialized interface that allows macros to only access the contents of allowlisted files, instead of using raw file APIs. That provides an audit trail of sorts because the package manifest/build system have to explicitly list the files that they're permitting access to.
Those issues aside, IMO something like #embed would be better implemented as a compiler built-in that just reads the file contents and generates the appropriate constant data at the IR level. That would be far more efficient than a macro that generates a huge array that then has to be compiled, especially because today the compiler performs inconsistently when doing this.