At least perl doesn't support this, so it's inherently insecure there, but you can always use YAML::Syck which didn't go this way.