Largely this problem which is core to Emacs in the sense it literally is "An Elegant Weapon For A More Civilized Time" due to its age. There is no concept of sandboxing anything in Emacs. You do get an alert sometimes when you change Theme's since they have a notion of totally executable code. Maybe a better solution would be to make a subset of elisp that artifacts be coded in which are sandboxed.