diff --git a/CHANGES.md b/CHANGES.md
index 5509205f7d2..1abc581881c 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -12,6 +12,8 @@
 - Do not ignore rules marked `(promote (until-clean))` when
   `--ignore-promoted-rules` (or `-p`) is passed. (#6010, fixes #4401, @emillon)
 
+- Cinaps actions are now sandboxed by default (#6062, @rgrinberg)
+
 3.4.1 (26-07-2022)
 ------------------
 
diff --git a/src/dune_rules/cinaps.ml b/src/dune_rules/cinaps.ml
index d1bd0497ef1..641a03b433e 100644
--- a/src/dune_rules/cinaps.ml
+++ b/src/dune_rules/cinaps.ml
@@ -80,8 +80,14 @@ let gen_rules sctx t ~dir ~scope =
   let cinaps_exe = Path.Build.relative cinaps_dir (name ^ ".exe") in
   let* () =
     (* Ask cinaps to produce a .ml file to build *)
+    let sandbox =
+      let project = Scope.project scope in
+      if Dune_project.dune_version project >= (3, 5) then
+        Sandbox_config.needs_sandboxing
+      else Sandbox_config.default
+    in
     Super_context.add_rule sctx ~loc:t.loc ~dir
-      (Command.run ~dir:(Path.build dir) prog
+      (Command.run ~dir:(Path.build dir) prog ~sandbox
          [ A "-staged"
          ; Target cinaps_ml
          ; Deps (List.map cinapsed_files ~f:Path.build)