[SANDBOX MODE]
Sandbox mode prevents Funge programs from doing "harmful" things, this includes,
but is not limited to:
.TP
Any file or filesystem IO is forbidden.
.TP
The list of environment variables the program can see in y are restricted.
.TP
Non-safe fingerprints can not be loaded (this includes network and file system access as well as other things).

[IMPLEMENTATION DEFINED BEHAVIOUR]
The Befunge98 standard leaves some things undefined, here is what cfunge do for some of those cases:
.TP
y pushes time in UTC not local time.
.TP
k with a negative argument reflects.
.TP
# across edge of Funge-Space may or may not skip first char after wrapping depending on exact situation.
.TP
( and ) with a negative count reflects and doesn't pop any fingerprint.
.TP
Loaded fingerprints are inherited to child IPs at split (t).
.TP
Standard output is flushed at the end of the program and just before any instruction reading standard input. However it is of course possible that the operating system decides to flush anyway.
.TP
Standard input is read one line at a time and buffered internally. Those instructions reading chars fetch one char from this buffer, leaving the rest (if any) including any ending newline. Instructions reading an integer will leave anything after the integer in the buffer with one exception: if the next char is a newline it will be discarded.