Hacker News

jasonjayr today at 5:27 PM

So attackers don't have to craft specially corrupted files? They can just include the code to perform the attack in the data file itself?


Replies

weinzierl today at 5:42 PM

WASM has strong tried and proven sandboxing. We basically can build on nearly 30 years of experience. The decoders don't need a lot of access, they can basically be pure functions.

If this will pan out security-wise I don't know. I'm more worried that it will be so slow that no one will use it. Interesting idea, though, and I can see applications outside of the "big data" realm this apparently targets.

arcfour today at 5:32 PM

Yes...my first thought. No way in hell anyone actually trusts this.

(And as if we didn't trust the compiler enough already!)

nine_k today at 5:37 PM

Does WASM have built-in I/O? If not, all that a decoder would be able to do is to decode into a buffer.

doctorpangloss today at 5:36 PM

But the WASM runs in the sandbox! It only has access to some files, your display, inputs, ... nothing insecure at all!

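Added example, not part of the thread or of the project under discussion: nine_k's question and weinzierl's "pure functions" point both rest on the fact that a WebAssembly module reaches the host only through imports it declares, so a loader can refuse any embedded decoder that declares one. The two byte arrays are constructed samples, and `loadEmbeddedDecoder`, `tryLoad` and the `env.read_file` import name are hypothetical.

```javascript
// Constructed sample: exports decode(i32) -> i32 (returns x + 1), declares no imports.
const PURE_DECODER = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,             // magic, version 1
  0x01, 0x06, 0x01, 0x60, 0x01, 0x7f, 0x01, 0x7f,             // type 0: (i32) -> i32
  0x03, 0x02, 0x01, 0x00,                                     // one function of type 0
  0x07, 0x0a, 0x01, 0x06, 0x64, 0x65, 0x63, 0x6f, 0x64, 0x65, // export "decode"
  0x00, 0x00,                                                 //   kind func, index 0
  0x0a, 0x09, 0x01, 0x07, 0x00, 0x20, 0x00, 0x41, 0x01, 0x6a, 0x0b, // local.get 0; i32.const 1; i32.add
]);

// Constructed sample: same export, but the module asks the host for env.read_file.
const IMPORTING_DECODER = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,
  0x01, 0x06, 0x01, 0x60, 0x01, 0x7f, 0x01, 0x7f,
  0x02, 0x11, 0x01, 0x03, 0x65, 0x6e, 0x76,                   // import module "env"
  0x09, 0x72, 0x65, 0x61, 0x64, 0x5f, 0x66, 0x69, 0x6c, 0x65, //   field "read_file"
  0x00, 0x00,                                                 //   kind func, type 0
  0x03, 0x02, 0x01, 0x00,
  0x07, 0x0a, 0x01, 0x06, 0x64, 0x65, 0x63, 0x6f, 0x64, 0x65,
  0x00, 0x01,                                                 // export func index 1
  0x0a, 0x08, 0x01, 0x06, 0x00, 0x20, 0x00, 0x10, 0x00, 0x0b, // local.get 0; call 0
]);

// Compile (which validates the bytes), then reject the module if it declares
// any import at all. Only import-free modules are instantiated, with {}.
function loadEmbeddedDecoder(bytes) {
  const module = new WebAssembly.Module(bytes);
  const imports = WebAssembly.Module.imports(module);
  if (imports.length > 0) {
    const names = imports.map((i) => `${i.module}.${i.name} (${i.kind})`);
    throw new Error(`decoder rejected, requests host imports: ${names.join(', ')}`);
  }
  return new WebAssembly.Instance(module, {}).exports;
}

// Wrapper that reports the outcome instead of throwing.
function tryLoad(bytes) {
  try {
    return { ok: true, exports: loadEmbeddedDecoder(bytes) };
  } catch (err) {
    return { ok: false, reason: err.message };
  }
}
```

An empty import list removes host access but not resource use: the host still has to bound the module's memory growth and run time.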