Run test for absence of SubtleCrypto in ShadowRealm scopes

ShadowRealm scopes, even when created in a secure context, should not be
able to access crypto.subtle, SubtleCrypto, or CryptoKey, because those
are not [Exposed=*].
diff --git a/WebCryptoAPI/historical.any.js b/WebCryptoAPI/historical.any.js
index 67ca9d9..19dcdbe 100644
--- a/WebCryptoAPI/historical.any.js
+++ b/WebCryptoAPI/historical.any.js
@@ -1,6 +1,8 @@
-// META: global=window,dedicatedworker,sharedworker
+// META: global=window,dedicatedworker,sharedworker,shadowrealm
 //
-// Do not run this in a service worker as that's always in a secure context
+// Do not run this in a service worker as that's always in a secure context.
+// ShadowRealm scopes created from secure contexts are OK, because SubtleCrypto
+// is not [Exposed=*].
 
 test(() => {
   assert_equals(self.crypto.subtle, undefined);