You can already do that in Perl 5:
say "Hello @{[ join(', ', @names) ]} how are you?";
There's no security issue because it's not say that causes the interpolation, it's the string literal. And it's no more possible for someone to provide a string literal as they could provide a for loop.
use strict;
use warnings;
use 5.010;
my @names = qw( ikegami );
say "Hello @{[ join(', ', @names) ]} how are you?";
my $user_input = q{Hello @{[ join(', ', @names) ]} how are you?};
say $user_input;
Hello ikegami how are you?
Hello @{[ join(', ', @names) ]} how are you?
|