The most important principle in rc’s design is that it’s not a macro processor. Input is never scanned more than once by the lexical and syntactic analysis code
And they describe the IFS=/ hole for setuid programs which is a good one.
Oil follows the same principle, which I call static parsing , versus the dynamic parsing or undecidable parsing of Bourne shell and all its derivatives like bash.
(A notable difference is that Oil compatible with POSIX, Bourne shell, ksh, and bash, while rc is not.)
I probably got that idea from rc shell without realizing it, as I remember reading this paper more than 10 years ago.
I also recently picked up Programming Perl (by Christiansen, foy, Larry Wall), and it points out the same issue with shell multiple times:
In Chapter 20 on security:
Unlike most shell programming languages, which are based on multiple, mysterious substitution passes on each line of the script, Perl uses a more conventional evaluation scheme with fewer hidden snags.
However, this is not entirely true, because there are corners of Perl that have undecidable parsing 
I heard Larry Wall say that one of the goals of Perl 6 was to really fix this problem. It doesn’t do dynamic parsing like Perl 5 does.
Also, back in January 2019, I rediscovered a security problem due to dynamic parsing which appears in all Bourne-derived shells (and at least the OpenBSD shell actually patched it, not sure about bash):
The guy who discovered ShellShock in 2014 wrote a few of the StackOverflow answers there.
Plug: tell me what you think of Oil’s syntax :) 
 https://www.oilshell.org/release/0.8.2/doc/syntactic-concept... and http://www.oilshell.org/blog/2016/10/22.html
(copy of lobste.rs comment)