When typesetting a score, the command being run uses the -dsafe option, of which ensures security against malicious code, but also removes many disparate features that would be useful to the extension. This safeguard is very important, but is very rigid. Lilypond has an alternative, meant specifically for web use, but is somewhat harder to setup.
As outlined in their manual, it involves running in a chroot jail and using the --jail option. The manual also has documentation on its implications and instructions to setup (on the linked page).