By way of example, a computing system may include an enclave or other similar secured memory location or process. When the system receives new content or data, it may classify the content as potentially harmful and initially render and display the content in the enclave. The user may then select portions of the content to enable or disable in a final version. The content may also be converted to a known “safe” equivalent format that always renders in the enclave. Enclave-rendered content may be signed by the enclave so that they can be considered “trusted” so long as the certificate remains valid and the content is correctly signed.