How do you handle tricky FFI memory safety issues in production?

I went ahead and built a small early demo/prototype . I tested it on Wasmtime and it actually flagged several FFI boundary issues, including patterns related to previous sandbox escape vulnerabilities. Here are the reports: * Wasmtime Analysis Report * Source Code Verification The tool is still very rough, but these results motivated me to keep going.