Why go through the trouble of generating a blob of executable code at runtime rather than just including it in the JS source? The security guarantees are the same.