Option 1 (for olds):
If the .net Framework is used, then you can use the standard thing - AppDomain.
You just create a new AppDomain with limited rights for this untrusted assembly.
Examples here: https://stackoverflow.com/questions/1357231/restr...
On .NET Core, 5 and 6, this will not work, because they do not have an AppDomain.
Option 2 (just don't load dangerous things):
Using mono cecil, you can check which methods are called in some third-party assembly, and simply not load it if it uses something illegal (well, or replace these calls with something own ):
https://github.com/jbevain/cecil
Naturally, you also need to check that this assembly does not do anything dangerous in its dependencies either
Option 3 (for buzzers):
In .NET Core, AssemblyLoadContext is supposed to be used instead of AppDomain.
After loading the plugin, we can see what other assemblies it has loaded and unload anything we don't trust - for example System.IO.FileSystem
(I haven't tested this yet. Will update answer when I check how it works)