Part of the Apple sandboxing model is to run a check on binaries to make sure internal APIs are not being abused, or other shenanigans. I would not trust the Apple sandbox at all, especially with the privacy in place which prevents any sort of auditing of what people are doing to their devices.