In theory you can generate the code locally and compare it with the deployed version to see that it's one to one.. But maybe we could do something in order to improve the said security check.
The project is open source and it's main goal is to provide the SVG flags of all countries, for a primary (but not limited to) use in web apps: https://github.com/lipis/flag-icon-css