Nix may already sandbox the build, in which case sandbox_apply will fail.
--- a/Sources/Basics/Sandbox.swift
+++ b/Sources/Basics/Sandbox.swift
@@ -57,6 +57,8 @@
 allowNetworkConnections: [SandboxNetworkPermission] = []
 ) throws -> [String] {
 #if os(macOS)
+ let env = ProcessInfo.processInfo.environment
+ if env["NIX_BUILD_TOP"] == nil || env["IN_NIX_SHELL"] != nil {
 let profile = try macOSSandboxProfile(
 fileSystem: fileSystem,
 strictness: strictness,
@@ -65,10 +67,10 @@
 allowNetworkConnections: allowNetworkConnections
 )
 return ["/usr/bin/sandbox-exec", "-p", profile] + command
- #else
+ }
+ #endif
 // rdar://40235432, rdar://75636874 tracks implementing sandboxes for other platforms.
 return command
- #endif
 }

 /// Basic strictness level of a sandbox applied to a command line.
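Review bot: The guard added in the first hunk decides whether to wrap the command in `sandbox-exec` from two inherited environment variables alone, so the sandbox fails open: any macOS process that has `NIX_BUILD_TOP` set and `IN_NIX_SHELL` unset gets the command back unsandboxed, and nothing records that this happened. Since this is a security control, the skip should at least be visible and explained, for example with a comment above the `if` such as `// Nix's build sandbox already confines this process and a nested sandbox_apply fails; skip sandbox-exec only inside a Nix build, not in a nix-shell.` A one-time warning or debug diagnostic on the skipped path would also help, if this layer has a logging facility. The enclosing function starts before the hunk, so how callers treat an unsandboxed return value is not visible here.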
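Review bot: In the second hunk the `// rdar://40235432, rdar://75636874 tracks implementing sandboxes for other platforms.` comment now sits above a `return command` that is also reached on macOS whenever the Nix guard is false, so it no longer describes every way this unsandboxed path is taken. I would reword it to cover both cases, e.g. `// Unsandboxed fallback: non-macOS platforms (rdar://40235432, rdar://75636874) and macOS builds already confined by Nix.` This keeps a later reader from assuming that macOS callers always get a sandboxed command line.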