Thanks. "Better" basically means "running/working" as my approach does not work in the context of the Shiny app. "Secure" means that the function loaded from an external file runs inside a sandbox environment. The sandbox is needed - or at least I would say so - to reduce the risk of importing malicious code. The whole idea of the app is that it is later used by a less tech-savvy person to provide access to data that was previously not available for researchers. Now I could surely implement a bunch of "shapes of data" to transform the logdata into, but it would be more extensible if additional functions for the transformation of logdata can be simply loaded from file. This allows experts in the field of data analysis to provided additional data wrangling functions by simply sending a file to the person operating the Shiny app. So, no, I would not call it an XY problem.

How I am calling the functions: I take the source code of the function stored in the variable fun and then evaluate the function in the sandbox: eval(parse(text = fun), envir = sandbox_env) . I then get the function object env_fun <- get(fun_name, envir = sandbox_env, inherits = FALSE) and execute the function result <- env_fun(df).

So I don't simply pass the function itself as it is loaded from a file and run in a different environment. As this approach works when run in a simply R script but not in a Shiny app, I assume it has something to do with the environment.