alt Hacker NewsI understand the concern. However, you can customize the profile (e.g., allowlist) to only allow network access to required domains. Also, looks like your sandboxing solution is Docker based, which uses VMs on a Mac machine, but will not use VMs on a Linux machine (weak security).
That's why I wrote my own sandbox. Everyone hand waives these concerns.
Further, I don't know why docker is weak security on Linux. Are you telling me that one can exploit docker?