Whenever possible, credentials shouldn't be inside the sandbox either. Credential proxying, or transparent credential injection, for example with Sandcat: https://github.com/VirtusLab/sandcat

> I don't think it would help here, they were stealing credentials

So, stealing credentials in the current directory and in all other directories are the same thing?