One thing you could do is to create a shim function around require that does whatever validation you want, and then calls the system's require function. You can then pass that in to the sandbox as a replacement for "require".
I'm not sure of all the changes that would be necessary to make a "secure" sandbox for node.js. To some extent, that's going to depend on what the user-submitted modules need to do.
One way to help ensure that the user modules can't interfere with your code would be to run them in their own process. On a unix system, you can use chroot to create an isolated filesystem for the process to run in, and then communicate with the process over a stdio pipe, or a socket.