Following some experimentation, I've found a couple of issues with sandboxed apps and how they are given permissions to read/write files outside of the 'special locations'.

Loading cart with sandboxed workspace app can cause data loss

When you load a cart, Picotron helpfully reopens the workspaces you were using to edit that cart. If one of those workspaces is a sandboxed app, however, the app appears to be given write access but not read access.

This results in the app 'opening' the files, but just creating blank, new files and then immediately saving the blank versions over the original files in RAM. This happens without the user initiating a save or doing anything beyond loading the cart. This makes it very easy for a user to lose data if they save the cart before noticing the issue (yes, I am speaking from experience...)

This assumes all the loading/saving is done through wrangle_working_file, I haven't tested otherwise.

The behaviour can be replicated by creating a sandboxed copy of code.p64 and using it to edit a cart, then saving and reloading that cart.

This should (in theory) be recoverable with anywhen, but still not ideal, and essentially prevents users from sandboxing editors they want to use to edit carts (when otherwise this should be possible)

Giving functions to get_hlocation & set_hlocation in wrangle_working_file completely breaks sandboxed apps

This can be seen by creating a sandboxed copy of code.p64.

For some reason, this seems to effect its ability to write to files but not read from them. If an app with these functions set opens a file, the behaviour varies depending on if the file is in RAM or not:

In RAM: When trying to save, the user is notified: "could not store to path". Whether the save actually happens is inconsistent. I believe it works the first time you try to save, but doesn't work on subsequent attempts.

Outside RAM: Usually (but not always?) the app crashes, giving a runtime error, saying /system/lib/wrangle.lua:276: attempt to index a nil value. Again, whether the save actually happens is inconsistent. It seems like the save works if the app created the file, but otherwise not? I'm not confident on this, though.