Org provides tools to work with the code snippets, including evaluating them.
Running code on your machine always comes with a security risk. Badly written or malicious code can be executed on purpose or by accident. Org has default settings which will only evaluate such code if you give explicit permission to do so, and as a casual user of these features you should leave these precautions intact.
For people who regularly work with such code, the confirmation prompts can become annoying, and you might want to turn them off. This can be done, but you must be aware of the risks that are involved.
Code evaluation can happen under the following circumstances:
Make sure you know what you are doing before customizing the variables which take off the default security brakes.
When t (the default), the user is asked before every code block evaluation. When nil, the user is not asked. When set to a function, it is called with two arguments (language and body of the code block) and should return t to ask and nil not to ask.
For example, here is how to execute "ditaa" code (which is considered safe) without asking:
(defun my-org-confirm-babel-evaluate (lang body) (not (string= lang "ditaa"))) ; don't ask for ditaa (setq org-confirm-babel-evaluate 'my-org-confirm-babel-evaluate)
Functions to query user for Emacs Lisp link execution.