Capability-Gated Plugin Sandbox
Security Audit
advanced
Fix the security bugs in this plugin sandbox — a shallow Object.freeze, toString spoofing, and missing call-time enforcement let untrusted plugins escape their permission boundaries.
security
javascript
proxy
capabilities
sandbox
object-freeze
least-privilege
advanced