Replace VM2 sandbox with isolated-vm (or, something)

[trasa]

VM2 has a critical security flaw that cannot be fixed: patriksimek/vm2#533

Since we're running input files that are within our control (and not just some rando's json files), this project isn't really "broken" by this. But still, the VM2 Sandbox project has ended, so we should replace it or rip it out.

Option 1 - Replace with isolated-vm.
Option 2 - Don't do anything, as we're not running anything TOO scary...
Option 3 - Re-think how we work with the postman JSON files and come up with a better solution...