So my application allows users to write their own pandas operations using pandas.eval():
https://pandas.pydata.org/docs/reference/api/pandas.eval.html
The code they write will be sent to the backend as a string, and it seems that pandas.eval() is vulnerable to stuff like SQL injection.
Is there a way to evaluate the expression beforehand, like running the expression in a separate "environment"?
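
One way to approach the pre-check asked about above, as an added example that is not part of the original post: parse the submitted string with Python's `ast` module and accept it only if every node is on an allowlist, before it is ever passed to `pandas.eval()`. The function name, the length limit and the assumption that users only need arithmetic, comparison and boolean expressions over known column names are all hypothetical.

```python
import ast

# Assumption: users only need arithmetic, comparisons and boolean logic over
# known columns. Calls, attribute access, subscripts, lambdas, comprehensions
# and power (huge-exponent DoS) are absent from this list, so they are refused.
ALLOWED_NODES = (
    ast.Expression, ast.BinOp, ast.UnaryOp, ast.BoolOp, ast.Compare,
    ast.Name, ast.Load, ast.Constant,
    ast.Add, ast.Sub, ast.Mult, ast.Div, ast.FloorDiv, ast.Mod,
    ast.UAdd, ast.USub, ast.Not, ast.Invert,
    ast.And, ast.Or, ast.BitAnd, ast.BitOr,
    ast.Eq, ast.NotEq, ast.Lt, ast.LtE, ast.Gt, ast.GtE,
)
MAX_LEN = 500  # hypothetical limit on submitted expression length


def validate_expression(expr, allowed_names):
    """Return (ok, reason) for a user-supplied expression string.

    The string is only parsed, never executed. Anything that is not a single
    expression built from ALLOWED_NODES over allowed_names is refused.
    """
    if len(expr) > MAX_LEN:
        return False, "expression too long"
    try:
        tree = ast.parse(expr, mode="eval")  # statements fail to parse here
    except (SyntaxError, ValueError, RecursionError):
        return False, "not a single valid expression"
    for node in ast.walk(tree):
        if not isinstance(node, ALLOWED_NODES):
            return False, f"disallowed syntax: {type(node).__name__}"
        if isinstance(node, ast.Name) and node.id not in allowed_names:
            return False, f"unknown name: {node.id}"
        if isinstance(node, ast.Constant) and not isinstance(
            node.value, (bool, int, float)
        ):
            return False, f"constant type not allowed: {type(node.value).__name__}"
    return True, "ok"


if __name__ == "__main__":
    columns = {"a", "b"}  # constructed sample column names
    for sample in ["a + b * 2 > 10", "len(a)", "a.values", "a + c"]:
        print(repr(sample), validate_expression(sample, columns))
```

Only expressions that pass would then be handed to `pandas.eval()`, with the same columns supplied through its `local_dict` argument. The check narrows what reaches the evaluator and does not replace running the backend with limited privileges.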