Use bubblewrap's `--die-with-parent` once a release is made.
There's a good amount of work that goes into "Kill sandboxed processes" that can be dramatically simplified and made more robust with bubblewrap's --die-with-parent option. As of this moment this is unreleased, so support will need to wait until after they tag the next version.
https://github.com/projectatomic/bubblewrap/commit/b6370de0fc4be6bb801206e39437ad1f2f5c0be7
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information