diff --git a/src/agent/modes.js b/src/agent/modes.js
index bd8cb4a..54558dc 100644
--- a/src/agent/modes.js
+++ b/src/agent/modes.js
@@ -285,40 +285,40 @@ async function execute(mode, agent, func, timeout=-1) {
 }
 
 let _agent = null;
+const modes_map = {};
+for (let mode of modes_list) {
+    modes_map[mode.name] = mode;
+}
 
 class ModeController {
     /*
     SECURITY WARNING:
-    This object is accessible by LLM generated code, as are all of its references.
-    This can be used to access sensitive information like API keys by malicious human prompters.
-    Do not store references to anything outside this object to prevent this.
+    ModesController must be isolated. Do not store references to external objects like `agent`.
+    This object is accessible by LLM generated code, so any stored references are also accessible.
+    This can be used to expose sensitive information by malicious human prompters.
     */
     constructor() {
-        this.modes_map = {};
         this.behavior_log = '';
-        for (let mode of modes_list) {
-            this.modes_map[mode.name] = mode;
-        }
     }
 
     exists(mode_name) {
-        return this.modes_map[mode_name] != null;
+        return modes_map[mode_name] != null;
     }
 
     setOn(mode_name, on) {
-        this.modes_map[mode_name].on = on;
+        modes_map[mode_name].on = on;
     }
 
     isOn(mode_name) {
-        return this.modes_map[mode_name].on;
+        return modes_map[mode_name].on;
     }
 
     pause(mode_name) {
-        this.modes_map[mode_name].paused = true;
+        modes_map[mode_name].paused = true;
     }
 
     unpause(mode_name) {
-        this.modes_map[mode_name].paused = false;
+        modes_map[mode_name].paused = false;
     }
 
     unPauseAll() {