The Dangers of read and eval

We’ve used both the eval and the read commands in creating a custom Lisp REPL. These commands are very powerful, but also very dangerous. Using them without taking the proper precautions might allow a hacker to attack your software by running malicious commands.

For example, suppose our program needed a function called format-harddrive. This is not a function we would want just any person to have access to, and it could be very dangerous if a hacker somehow tricked our game REPL into calling it.

The game-eval function we created earlier in this chapter has some crude safeguards to prevent a player from entering format-harddrive as a game command. Here’s what happens if we try to run this command in our new game REPL: ...
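As an added illustration (not the book's own game-eval or game-read), here is one way to avoid calling eval on player input at all: an allowlist dispatcher that maps a fixed set of command symbols to functions and reads input with the `#.` reader macro disabled. The command functions look and walk, and the *safe-commands* table, are assumptions for this example.

```lisp
;; Added example, not code from Land of Lisp. The player's input is parsed
;; with *READ-EVAL* bound to NIL so the #. reader macro cannot run code
;; while the line is being read, and the resulting form is dispatched
;; through a fixed table instead of being handed to EVAL. A command that
;; is not in the table, such as FORMAT-HARDDRIVE, is never called, and
;; arguments are passed as plain data rather than evaluated.

(defun look ()
  "Constructed stand-in for a game command."
  '(you see a wizard in the living room))

(defun walk (direction)
  "Constructed stand-in for a game command; DIRECTION arrives as data."
  (list 'you 'walk direction))

(defparameter *safe-commands*
  '((look . look) (walk . walk))
  "Command symbol -> function designator. Anything not listed is refused.")

(defun safe-read (line)
  "Parse one line of player input into a list (command . args).
   *READ-EVAL* is NIL, so \"#.(...)\" signals a READER-ERROR instead of
   executing during parsing."
  (let ((*read-eval* nil))
    (with-input-from-string (in (concatenate 'string "(" line ")"))
      (read in))))

(defun safe-eval (sexp)
  "Dispatch on the command symbol only. Arguments are never evaluated,
   so nested forms in the argument list cannot invoke anything."
  (let ((entry (assoc (car sexp) *safe-commands*)))
    (if entry
        (apply (cdr entry) (cdr sexp))
        '(i do not know that command.))))

;; Usage:
;;   (safe-eval (safe-read "walk east"))
;;   (safe-eval (safe-read "format-harddrive"))
;;   (safe-read "look #.(format-harddrive)")   ; READER-ERROR, nothing runs
```

The first call runs the allowlisted command, the second is refused at dispatch, and the third never reaches dispatch because the reader rejects it.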
