This repo contains a monkey-patch spec that sketches an IDL attribute that limits the exposure of IDL constructs to contexts that sufficiently mitigate the risk of injection attacks. Perhaps you have opinions about that kind of thing?
Read the spec at https://mikewest.github.io/injection-mitigated/.
File issues at https://github.com/mikewest/injection-mitigated/issues/new.
Thanks!