
Scope proxy leak allow constructive access to global lexicals

Open mhofman opened this issue 3 years ago • 0 comments

A property of the globalLexicals option of the Compartment constructor is that they can only be accessed lexically, which can be denied to evaluated code by simple code transforms. However, combined with the leak of scope proxy objects (#31), evaluated code can constructively reach the global lexicals.

```js
import 'ses'; // installs the Compartment constructor on globalThis

const c = new Compartment({}, { globalLexicals: { foo() { return 'secret'; } } });
c.evaluate(`
  // A function stored on the compartment's globalThis but called as a free
  // identifier receives the leaked scope proxy (#31) as its this value.
  globalThis.getThis = function() { return this; };
  // A computed key avoids any lexical reference to foo that a transform could deny.
  const hiddenFoo = getThis()[['f', 'o', 'o'].join('')];
  hiddenFoo() // the global lexical is reached constructively
`);
```

Unlike #876, this affects all evaluators.

mhofman · Sep 22 '21 23:09
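To make the mechanism behind this issue concrete without depending on SES, here is an added example (not endo's code, and not its real evaluator or source transform) that models a Compartment-style evaluator in plain JavaScript: global lexicals are reachable only by free-identifier lookup through a `with` scope proxy, a naive transform rejects any source that names them lexically, and the function names `makeToyEvaluator` and `demonstrateLeak` are inventions of this example. It shows both halves of the argument above: the direct reference `foo()` is refused, while a function called as a free identifier still receives the scope proxy as `this` and a computed key reaches `foo` anyway, even though the evaluated code runs in strict mode.

```javascript
// Toy model of a Compartment-style evaluator (constructed for this example;
// not SES/endo code). `compartmentGlobal` stands in for the compartment's
// globalThis; `globalLexicals` are meant to be reachable only as free
// identifiers, never as properties of any object evaluated code can touch.
function makeToyEvaluator(compartmentGlobal, globalLexicals) {
  compartmentGlobal.globalThis = compartmentGlobal;

  // Scope proxy: claims to have every identifier so that all free-variable
  // lookups inside `with` resolve here rather than falling through to the
  // host global object. Global lexicals shadow compartment globals.
  const scopeProxy = new Proxy(Object.create(null), {
    has() { return true; },
    get(_target, name) {
      if (name === Symbol.unscopables) return undefined;
      if (name === 'eval') return eval; // hand out the real eval so the call below is a direct eval
      if (Object.prototype.hasOwnProperty.call(globalLexicals, name)) return globalLexicals[name];
      return compartmentGlobal[name];
    },
    set(_target, name, value) { compartmentGlobal[name] = value; return true; },
  });

  // Evaluator factory in the SES style: only `this.` property accesses and the
  // inner function's own `arguments`, so the only identifier that resolves
  // through the proxy is `eval`. The evaluated source runs in strict mode.
  const factory = new Function(`
    with (this.scopeProxy) {
      return function () { 'use strict'; return eval(arguments[0]); };
    }
  `);
  const rawEvaluate = factory.call({ scopeProxy });

  // Naive stand-in for a "deny lexical access" transform: reject any source
  // that mentions a global lexical name as a whole word.
  return function evaluate(src) {
    for (const name of Object.keys(globalLexicals)) {
      if (new RegExp(`\\b${name}\\b`).test(src)) {
        throw new SyntaxError(`Possible reference to global lexical '${name}'`);
      }
    }
    return rawEvaluate(src);
  };
}

// Runs both the denied direct reference and the constructive bypass from the
// issue against the toy evaluator and reports what each one yields.
function demonstrateLeak() {
  const evaluate = makeToyEvaluator({}, { foo() { return 'secret'; } });
  const result = {};

  try {
    evaluate('foo()');
    result.direct = 'reached';
  } catch (err) {
    result.direct = err instanceof SyntaxError ? 'rejected' : 'error';
  }

  // The bypass: `getThis` lives on the compartment's globalThis but is called
  // as a free identifier, so its `this` is the with-scope binding object, i.e.
  // the scope proxy; the joined string keeps the word `foo` out of the source.
  result.viaScopeProxy = evaluate(`
    globalThis.getThis = function () { return this; };
    const hiddenFoo = getThis()[['f', 'o', 'o'].join('')];
    hiddenFoo();
  `);

  return result;
}
```

The transform is only a property of the source text, while the scope proxy is a runtime object; once evaluated code can obtain a reference to it, property access with a computed key is indistinguishable from any other property access, which is why a lexical denylist cannot close this hole on its own.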