[i_k_k]

Well, duh: they needed to make sure to run the script twice.

[ht85]

Make it 3 times, you never know how clever those hackers folks could be!

[matheusmoreira]

Make it infinite times and stop after the output stabilizes to a constant string!

[kevincox]

I think this is actually a correct solution. Although not particularly elegant or efficient. If as long as if the string is unsafe the string will be modified. Then looping infinitely will never return an unsafe string. If it is also true that the modifications only delete characters then you will eventually arrive at a safe (or empty) string.