Source Grep Is Not A Sandbox

A security check that scans the source text of code for forbidden tokens before handing the code to a dynamic interpreter. The interpreter resolves names, computes strings, traverses method dispatch, and rewrites bytecode at runtime, so any token the check forbids can be reconstructed from pieces the check never matched. The blocklist becomes documentation of the author's threat model rather than enforcement of it.