MicrosoftHotCakeX unfortunately it's not easy with PowerShell due to the architecture of Windows Sandbox unless you're willing to expose the environment variables in plain text and/or encrypt them and pass them to the sandbox.
The logon commands are executed inside the sandbox, so there's no way for it to access the host except via mapped folders, printer redirection, or clipboard redirection.
Mapped folders means it would be accessing some file (encrypted/plain text). I just tinkered with printer redirection to see if I could embed data in the properties and the redirected printers strip the extra data. Even if it didn't, it would be plain text.
The reason that matters is a lot of software applications use environment variables to store things like API keys securely. AFAIK the best and only way is through the mapped folders.
I would be curious if you're aware of some other way?
