[sunnya]

No, it's using Roslyn directly.

[Touche]

Smart, every time I see one of these I worry that someone malicious will attempt to delete the server's Windows folder.

[fekberg]

Roslyn doesn't prevent you from doing that though. You still need to validate, filter and run your code in a sandbox.