I don't have much to add to this specific issue, except that I think the reasoning of "Sandboxing X is pointless because we do the same with Y" is wrong. While we can come up with specific counter-examples (e.g. a CI that compiles builds but doesn't run them), they're a tangent from the main point (and most of them are contrived anyway).
I think we should reason in terms of "what is the minimum level of information this system needs to do X, and how do we provide that information and nothing else?". Restricting the build process to only the information it strictly needs doesn't just help with security; it helps with caching, build reproducibility, debugging, etc.
We've mentioned compiling macros to WebAssembly; doing so would help sandboxing, but this is true the other way around too: having defined sandboxing rules would help having a "compile macros to WebAssembly" pipeline, which could reduce initial build times (which, at the very least, is useful for CI).