Tricky stuff, security. You need to understand all sorts of things about the system access a particular command gives you.
On the other hand, there’s sudo, which only exists to give you root access to arbitrary system objects. Spotting that sudo is a potential risk vector isn’t too difficult. So, obviously, the Loons have been extra-specially careful with it.
Then there’s complicated algorithms and hi-tech cryptography and what-not. None of these apply to sudo, so obviously the Loons are more than capable of locking it down.
Finally, there are obscure nooks and crannies of recondite languages ...