It seems to me that they thought the linter would be safe to run as it wasn't meant to actually run untrusted code, just statically analyze it.