1. Capability control only works for JavaScript (https://www.graalvm.org/latest/reference-manual/embed-langua...)
2. The documentation says in no uncertain terms that running untrusted code is unsupported (https://www.graalvm.org/latest/security-guide/#security-mode...)