Patch command injection from entity inputs

A malicious map could potentially execute arbitrary commands as the player, such as `unbindall` and other such shenanigans. This has been somewhat addressed by ReloadedFix, but more commands should be blacklisted / swap to a whitelist / another solution, and it should apply universally.