Like many others, I found auto-sandboxing's inability to handle the user's choices for a given app "on the fly" (i.e., immediately) quite irritating ... regardless of your choice, the app is terminated immediately and must be restarted even if you've selected "run normally", only applying the choice to the restart.
Since the vast majority of auto-sandboxing (in my case, anyway) occurrences involved the insufficient-data parameter with apps I've had for years, I've unticked that, and the removable-media one, to rely strictly on static and heuristic analysis of the files as well as suspicious sources. And the auto-sandbox is almost never kicking in any more. So in its settings I've got only the first, third, and last options ticked.
I realize this is one of those security-vs.-usability choices, but I doubt if my risk is increased significantly since a real threat should probably be caught by other parts of the file shield, or by one of the other shields. This choice will become more critical as an alternative to completely disabling auto-sandboxing, since I understand Avast intends to eliminate the "ask" option sometime in the relatively near future.
Comments, particularly with regard to whether I've underestimated the risks?