A system for intrinsic runtime security includes an application code repository, a security code repository, a trusted execution context, a first sandboxed execution context and a policy enforcement module, operating based on security policy, that enables the first sandboxed execution context to modify objects without enabling unrestricted access of the first sandboxed execution context to original prototypes of the objects.