checking eval for errors is enough, once the code fails.
... but then you don't have protection from unsafe code, which I thought was the point of your post. I generally suggest checking eval for errors because it's a good habit to get into, though with the very restrictive regex I suggested I might be open to the argument that this case might be an exception to that rule.
Your all-covered approach reminds me of parents insisting to drive their kids to school while they keep their bike's helmet on.
Like this you are scaring them away from learning how to bike by themselves.
Defensive programming is a very different thing from your analogy, which I would say is too extreme and too much rhetoric. Showing your kids how to properly put on their safety gear is not a bad thing.