Uri Shaked
Jun 3, 2018


Nice trick! Actually, with your jail implementation, bypassing the jail is even simpler. In your jail, when you use the call() method to invoke the function, you don’t pass a value for thisArg, which means that when the function executes, this will point to the global object, giving us access to everything we tried to hide.

Thus, we can easily capture the flag by running the following code:

jail("this.alert(this.flag)");

I created a small codepen to show it in action. This can be fixed by passing an empty object as the first argument for call(), but it doesn’t really fix the problem as you can easily get hold of the global object by creating an anonymous function and immediately invoking it (codepen):

(function(){this.alert(this.flag)})()

So this even further proves your point — building a secure sandbox in pure JavaScript is very challenging if not impossible.


Written by Uri Shaked

Google Developer Expert for Web Technologies, Maker and Public Speaker

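The `this` leak the comment describes, reproduced as an added, runnable check that is not code from the original post or from the jail it discusses. The `sloppyJail` function is my own minimal model of a jail that compiles untrusted source with the Function constructor and invokes it via call() with no thisArg; the global `flag` and the secret value are constructed for the example (in Node the global object is `globalThis`, standing in for `window`). The `strictJail` variant shows how far prepending a "use strict" directive and passing a prototype-less thisArg goes: it makes `this` undefined inside the jailed function and inside any plain function it defines, so the IIFE variant throws instead of reaching the global object.

```javascript
// Added example modelled on the comment above; not the original post's jail.
const SECRET = "constructed-flag-value"; // constructed sample value

// Constructed stand-in for the host page: a global `flag` the jail is meant
// to hide (a property of `window` in a browser, of `globalThis` here).
globalThis.flag = SECRET;

// 1. Leaky jail: call() with no thisArg. The Function constructor produces a
//    sloppy-mode function, so `this` falls back to the global object.
function sloppyJail(code) {
  return new Function(code).call();
}

// 2. Hardened against this particular leak: the "use strict" directive makes
//    `this` undefined in the jailed function and in every plain function it
//    defines (IIFEs included), and the prototype-less thisArg gives the outer
//    call nothing to expose. This closes the leak shown here, not the class.
function strictJail(code) {
  return new Function('"use strict";\n' + code).call(Object.create(null));
}

// Run a probe and report the resolved value or the thrown error's class, so
// the outcome can be checked without alert().
function probe(jail, code) {
  try {
    return { ok: true, value: jail(code) };
  } catch (e) {
    return { ok: false, error: e.constructor.name };
  }
}

// The two payload shapes from the comment, returning this.flag instead of alerting it.
const DIRECT = "return this.flag;";
const IIFE = "return (function () { return this.flag; })();";

function runProbes() {
  return {
    sloppyDirect: probe(sloppyJail, DIRECT), // resolves the secret
    sloppyIife: probe(sloppyJail, IIFE),     // resolves the secret
    strictDirect: probe(strictJail, DIRECT), // empty object: undefined, no throw
    strictIife: probe(strictJail, IIFE),     // `this` is undefined: TypeError
  };
}

console.log(runProbes());
```

The strict variant only removes the global-object fallback for `this`; it does not turn the Function constructor into a sandbox, which is the comment's wider point.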