Untrusted code isolation


we are working on a project where additional functionality will be provided to the users via downloadable independently developed plugins, hence their code is “untrusted”
Is there a way in electron to launch code in a sandbox and how reliable is it?
Does it protect from filesystem access, code injection, while (true) {} loops, etc, does it restrict API?