Thank you for sharing a non-trivial working example of a sandbox-exec configuration. Having an exemplar such as what you have kindly shared is hugely beneficial for those of us looking to see what can be done with a tool such as this.
It is both myself and the OSS community who thank you.
Great things are done by a series of small things brought together.[0]