
if they hosted the content on a separate domain and used the sandbox attribute it probably wouldn't even be a huge security risk*
*i'm probably not thinking of something nasty ppl would be able to do
OH! Just embedd https://wasm4.org/ or something. That would be funny