The s&box editor runs every library you install with full, unsandboxed access to your PC, so a hostile one can delete files, spawn processes, call native code, or steal data unchecked. secbox is the safety net the platform doesn't give you.

It scans a library for dangerous behavior (filesystem writes, process spawning, P/Invoke, dynamic code loading, raw networking, bundled binaries) and flags it before you trust it. At runtime it goes further: when a library tries to launch a process, secbox freezes that call and lets you allow it once, trust the library, kill the editor, or kill the editor and delete the offending library on the spot.
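To make the scanning step concrete, here is an added example, not secbox's own code, of a static pass over a library's files that reports the behavior categories listed above. The regexes, category names, and sample file contents are assumptions chosen for illustration; secbox's real rule set is in its repository.

```python
import re

# Hypothetical rules: one regex per behaviour category named above. These are
# illustrative patterns over C# source, not secbox's actual rule set.
RULES = {
    "filesystem-write": re.compile(r"\b(?:File\.(?:Write\w*|Delete|Move|Copy)|Directory\.Delete)\s*\("),
    "process-spawn": re.compile(r"\bProcess\.Start\s*\(|\bnew\s+ProcessStartInfo\b"),
    "pinvoke": re.compile(r"\[\s*(?:DllImport|LibraryImport)\b"),
    "dynamic-code": re.compile(r"\bAssembly\.(?:Load\w*|UnsafeLoadFrom)\s*\("),
    "raw-network": re.compile(r"\bnew\s+(?:Socket|TcpClient|UdpClient|TcpListener)\b"),
}
BINARY_EXTENSIONS = (".dll", ".exe", ".so", ".dylib")

def strip_comments(source):
    """Blank out comments, keeping line numbers stable (naive: ignores '//' inside strings)."""
    source = re.sub(r"/\*.*?\*/", lambda m: "\n" * m.group().count("\n"), source, flags=re.S)
    return re.sub(r"//[^\n]*", "", source)

def scan_library(files):
    """files maps relative path -> text (str) or bytes; returns sorted (path, line, category)."""
    findings = []
    for path, content in files.items():
        if path.lower().endswith(BINARY_EXTENSIONS):
            findings.append((path, 0, "bundled-binary"))  # line 0 = whole file
        elif path.lower().endswith(".cs") and isinstance(content, str):
            for lineno, line in enumerate(strip_comments(content).splitlines(), 1):
                for category, pattern in RULES.items():
                    if pattern.search(line):
                        findings.append((path, lineno, category))
    return sorted(findings)

# Constructed sample library (not a real s&box package).
SAMPLE_LIBRARY = {
    "Code/Helper.cs": (
        'public static class Helper {\n'
        '    [DllImport("kernel32.dll")] static extern bool Beep(uint f, uint ms);\n'
        '    // Process.Start("notes") appears only in this comment\n'
        '    public static void Run() { Process.Start("updater.exe"); }\n'
        '    public static void Save(string p) { File.WriteAllText(p, "x"); }\n'
        '}\n'
    ),
    "Code/Clean.cs": "public class Clean { public int Add(int a, int b) => a + b; }\n",
    "Assets/native/helper.dll": b"MZ",
}

if __name__ == "__main__":
    for finding in scan_library(SAMPLE_LIBRARY):
        print(finding)
```

Source-level pattern matching like this misses reflection and obfuscated calls, which is one reason a runtime check on process launches complements the scan.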

Install secbox first in any project and review new libraries as you add them.

Secbox is fully open source, licensed and developed in the open at https://github.com/actual-f4-industries/secbox. Because it is a security tool that loads into your editor, you shouldn't have to take its safety on faith: the entire scanner, rule set, and runtime enforcement layer are public and auditable, the downloaded backend is SHA-256-pinned against that source, and anyone can read exactly what it does, report issues, or contribute new detection rules.