Hi Gargamel360,
Users should be careful doing these malcode experiments. You could be handling live code and if your anti malcode software does not flag it, it can infect and stays under the radar. If I handle javascript code I like to view at it as it is being blocked to run, in a sandbox where it cannot escape hopefully.
This is for website malcode that you view via a proxy. Never glare at live source code even running via a proxy. The only safe way is with ample protection or presented in the form of an image. Sometimes I am being alerted by the malware script detector extension from developer Aung Khant (similar kind of extension in Fx is firekeeper's - Alexander Sotirov experimental list installed) and it detects javascript malwares that uses the malicious power of javascript, it is intended for web client security, it detects frameworks, XSS proxy, XSS shell, Attack-API and BeEF, exploitation, has detection for image.gif, txt/javascript, data txt/html, local file protocol exploitation, wide protocol based and was thoroughly tested, for web developpers and with a browser independant greasemonkey install, detects things that never get detected at webserver-level FW, detects web client run web trojan and backdoor abuse. In short nice I have this extension in the Google Chrome browser and it was installed with just one click.
Only thing is you must have the expertise to evaluate the findings yourself. So it is not just for everyone.
polonus