by inlined 22 days ago
What are you withholding from the sandbox without making it useless?

Internet access. An editor extension does not need it.
Most sandbox systems today, take Seatbelt from Apple for instance, only strip permissions. If your extension without internet access calls a tool that needs it, boom: access denied or, worse, weird network issues.

One would need some kind of ring system where less privileged processes can call higher privileged processes with their own sandbox permissions.

Sure, that's the main challenge with building good sandboxing systems. But it's not actually that hard to do when the will to do it is there.

For example, Android already allows you to give apps restricted access to your media. My understanding of the way it works is that the resulting interface for picking photos etc. is not under the control of the app. The app only receives whatever file you picked.

Let the user grant permissions at install time. An error is a success in this scenario.
All AI agent extensions disagree in unison.
It could request access to a specific domain which you can approve or deny
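A minimal version of the ring/broker idea and the per-domain approval from this thread, as an added example that is not code from any commenter: the sandboxed extension has no network access of its own and asks a more privileged broker, which enforces per-extension, per-domain grants (made at install time or via a prompt the user can approve or deny) and returns a structured denial instead of an opaque network failure. `Broker`, `prompt_user` and `transport` are hypothetical names.

```python
"""Privilege broker sketch: a less privileged extension asks a more
privileged broker for network access; the broker decides per domain."""
from dataclasses import dataclass, field
from typing import Callable, Dict, Set
from urllib.parse import urlsplit


class AccessDenied(Exception):
    """Explicit refusal the extension can handle, not a weird network error."""


@dataclass
class Broker:
    # Hypothetical hook that asks the user to approve (extension, host).
    prompt_user: Callable[[str, str], bool]
    # Hypothetical network backend, injected so the example runs offline.
    transport: Callable[[str], bytes] = lambda url: b""
    approved: Dict[str, Set[str]] = field(default_factory=dict)
    denied: Dict[str, Set[str]] = field(default_factory=dict)

    def grant_at_install(self, extension: str, hosts: Set[str]) -> None:
        """Install-time grant: no prompt later for these hosts."""
        self.approved.setdefault(extension, set()).update(h.lower() for h in hosts)

    def fetch(self, extension: str, url: str) -> bytes:
        """Perform the request on the extension's behalf if its policy allows."""
        host = urlsplit(url).hostname  # urlsplit lower-cases the hostname
        if not host:
            raise AccessDenied(f"{extension}: malformed URL {url!r}")
        if host in self.denied.get(extension, set()):
            raise AccessDenied(f"{extension}: {host} previously denied")
        if host not in self.approved.get(extension, set()):
            # First contact with this host: ask the user once, remember the answer.
            if not self.prompt_user(extension, host):
                self.denied.setdefault(extension, set()).add(host)
                raise AccessDenied(f"{extension}: user denied access to {host}")
            self.approved.setdefault(extension, set()).add(host)
        return self.transport(url)


def run_tool(broker: Broker, extension: str, url: str) -> str:
    """A tool inside the sandbox: degrades cleanly when the broker refuses."""
    try:
        return broker.fetch(extension, url).decode()
    except AccessDenied as exc:
        return f"offline: {exc}"
```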