It is dynamic code being generated on the fly and so is susceptible to either malignancy or accident even before being saved. And being saved, apparently without locking, it is also potentially subject to corruption at that point too. There are surely other avenues which don't immediately spring to mind as well.

Defensive programming when running dynamic code from a tainted (in the sense of taint mode) source is very difficult and how much time and effort you want to spend statically analysing it before running or cryptographically verifying or whatever is going to depend on the value of the system and the cost of it all going horribly wrong. It boils down to three basic scenarios:

1. The effort is worth it, so you put in the hard work to secure it AFAP.
2. The effort is not worth it but the risk is acceptable, so you live with it and just keep your fingers crossed.
3. The effort is not worth it and the risk is unacceptable so you just don't run the untrusted code and find some other way instead.