pub fn execute(cli: &Cli, command: &AuditCommand) -> Result<ExitCode, SboxError>Expand description
sbox audit — scan the project’s lockfile for known-malicious or vulnerable packages.
Delegates to the ecosystem’s native audit tool and runs on the HOST (not in a sandbox) so it can reach advisory databases. This is intentional — audit only reads the lockfile and queries read-only advisory APIs; it does not execute package code.