We are restricted by the technical implications and limitations of the File Provider. Indeed, the downloaded and decrypted files are then locally cached (in the app’s sandbox). Btw, you can always clear the cache in the Cryptomator app.
When thinking about Cryptomator’s security target, this is not a huge security issue:
In addition, you have to keep in mind what Cryptomator is not. Protection of the files on the local computer is not the focus of Cryptomator.
Of course, it’s still the goal of Cryptomator to restrict the access of decrypted content as much as possible so that they don’t accidentally leak.