I'm surveying a wide array of web frameworks, and the majority don't mention security as an issue on their websites (eg scriptaculous, jQuery, Prototype, Rico)
Does anyone know of any that are more or less secure than the others? (ignoring the usual security holes that using JavaScript provides e.g. XSS)
Given that web sites can return malicious javascript, I'd guess it's up to the browser (not up to the javascript) to enforce security.
As Javascript is told to be executed in a sandbox, there should be no security issues in any framework per se. There could only be browser/JS implementation bugs, if any.