I've found some cases in our repo now that sandboxing is hiding the fact that some folks writing tests are leaving around artifacts that aren't getting cleaned up. While this isn't necessarily a problem since things are sandboxed and eventually get killed off, I think it's enabling bad habits. Are there any mechanisms available to help detect this beyond code review?

There are not, but I think having the infra to audit a Process sandbox for deltas that are not part of the captured output files or output directories would be welcome for alot of reasons. One customer of this could be tests on an opt-in-basis with warning or failure modes.