As botre said, you 'send in' the source. Picture the source as just writing on a page... it cannot harm anyone until you read (run) it.
There's no way anything malicious can get onto the SDN. However no scripter is stupid enough to submit malicious code onto the SDN to risk their rank, profits, friends, customers and wellbeing
well, except from maybe @Eliot
apa