Command line and user in browser window can both be united into: executing the code provided by the user.
Eval can be closely compared to the execution of a binary file. Do you trust that user to upload executable and run it on the host? Then eval is fine, otherwise - you are asking for the trouble.
Eval can be closely compared to the execution of a binary file. Do you trust that user to upload executable and run it on the host? Then eval is fine, otherwise - you are asking for the trouble.