Any Turing-complete interpreter written in a non-memory-safe language is a potential exploit vector; and browsers are full of them. The major browser engines all do their own font rendering, for just one example.
This is why the iOS App Store allows Swift Playgrounds (app with a memory-safe interpreter), and allows iSH Shell (virtualized POSIX environment, where you can write and run e.g. bash scripts), but doesn't allow iSH Shell to ship with gcc.
That's just a business requirement on the App Store rather than a technical requirement. Nothing prevents you from installing iSH shell and then installing gcc yourself afterwards. In fact I have done so.
To summarize, Apple made a speed bump, not a wall.
iSH doesn’t ship with GCC because it is massive, not because Apple blocks it. In fact it would probably be easier for us to include it rather than deal with making the package available to be reviewed.
