You missed the section that contains this key line: (That doesn't mean that a CGI script's source is readable by people on the web, though, only by people with access to the filesystem)

But you are missing the point too. The source of a CGI script can only be viewed by people with sufficient access to the file system. They have to have shell or local access to view the source code. (Unless you have hosed your web server configuration!) So there is no point in running a script through another script before sending the output to the browser.