There are different kinds of safety, though. There's sandboxing, which means that applications running in WebAssembly should not have access to resources they are not privileged to access. And there's memory safety, which means the WebAssembly application itself shouldn't try to break guarantees about memory. These are two separate things, and only the first can do things outside of breaking the website you're on.