* This test verifies that arbitrary user-defined classes cannot be serialized,
     * which is important for preventing gadget chain attacks.
     */
    @Test
    public void test_security_customClassRejected() {
        // Create a simple custom object that is not registered
        CustomTestClass customObject = new CustomTestClass("test");

        try {
            serializer.fromObjectToBinary(customObject);