This doesn't change anything, you've just added another link at the end of the system > non-functional > security > code execution security chain.
Each project has the option at every link to decide that they're willing to accept a certain risk there and then tools delivering better results don't matter.
Each project has the option at every link to decide that they're willing to accept a certain risk there and then tools delivering better results don't matter.