I'm very interested in building something like this for WASM programs; the goal of course is to make it easy for non-technical people to see that "Oh the software reads data from example.org, writes to /folder/data.txt, scans /folder for 'abc.txt', writes something to company.com". By defining a meaningful boundary we don't need to fully inspect the code, just the communication channels to report a high-level "how does this unknown/untrusted code make decisions, does it line up with my expectations?"