Security against malicious smart contracts

If smart contracts are kept secret, how does one ensure that the code within these contracts is not malicious?

Secret smart contracts, in Enigma’s case, refers to the data within the contracts being kept secret. The code in those contracts remains public (at least if implemented naively) and can thus be examined for malicious functionality. (in other words, Enigma obfuscates data, not program)