Just to parse some files there are already tools and libraries for, for added security, without specifying a threat model