You're using the sandbox precisely as I think about them. But you're right; the word "sandbox" sounds like something with low security and something people can "play around with, "right?

In my experience, high-performance data teams don't "play around" anywhere, and "low security" is nowhere on these teams.

The point of having a copy of production is to deploy your change into something that mirrors production.

That means you are already stepping outside of your development environment.

I would first consider giving the data team the tools to use mock & fixed data rather than having them develop against a running (even near-production data-like) system. Developing against fixed & local data makes the process much faster.