Possible to disable / filter widgets for security?

Any idea of how to approach filtering widget content so that users cannot add things like ads, or anything that might introduce malware - maybe just filter out javascript and iframes, look for encoded text, etc.?

I haven't been able to find anything even talking about this and not sure if should be a concern, how much of a concern, and how to approach it.