Which operating system do you mean? Flatpak has this already, Android enforces this kind of API for shared files, Windows UWP has pretty much the exact same API (https://learn.microsoft.com/en-us/uwp/api/windows.storage.pi...).

App developers will often choose not to sandbox their applications because it's a lot easier (and sometimes faster) do to all file management yourself, but the APIs are there and ready to be used.

MacOS has this and what happens is that you get into the habit of just clicking through it. It won't help with ransomware, only backups would.