The receiving browsing context sets the sandboxed auxiliary navigation browsing context flag to prevent it from using e.g. window.open() to spawn new browsing contexts.

However we should also prevent top-level navigation (to protect integrity of the screen selection prompt) by setting the sandboxed top-level navigation browsing context flag. This also blocks window.close(), thus developers will have to call .terminate() for a presentation to close itself.

We can also set the sandboxed modals flag to prevent modal dialogs, which is suggested in a non-normative note, but not enforced. I don't feel as strongly about this however.