The issue with #Rust macros running code at compile-time, and being able to access the world is a valid one.
However, running it all in a #WASM sandbox only moves the target a little. A macro can still easily insert a bunch of malicious code in the compiled code that nobody would notice. Then, when you for example call deserialize(), it could go online and do nasty shit.