Templates _shouldn't_ ever be taken from untrusted user input (and it's hard to
do so without just edit the dag file, at which point you can run whatever
python code you like _anyway_), but this is a reasonable safety measure just in
case someone does something "clever".

(cherry picked from commit 429584525fd7037215c5b6019aa7d643f2d7cb1a)