As a general rule, you shouldn't run untrusted code. However, it would be helpful to either document or provide built-in functionality to run everything through sandbox-exec(1) on macOS. For example, a user could pass the following sandbox profile to prevent the evaluated code from accessing the network:

(version 1)
(allow default)
(deny network*)