Nope still the same thing: all AI is insecure, you cant put untrusted unconfirmed text from anyone in through a secure airlock and let it run wild.

The answer is you need complete control over the text blob on the secure side, but then.... none of this works so throw it in the trash already