maybe you’re thinking of a web context? This is way more sandboxed than web graphics apis. The only exploit points are memory DoS (easily prevented with max file size limits) or exploits in the image loader. But these issues would already exist in existing image loaders we already use.

We don’t do any shader compilation or anything on remote resources.

Maybe you're right. I like it.