Hi,
In relation to question 1, I'm not sure what you mean by Sandbox, but Cisco AMP can use the Malicious Activity Protection engine to monitor changes in files on a network share (Windows Connector only). It can't be used to manually scan the drive.
https://console.amp.cisco.com/help/en/wwhelp/wwhimpl/js/html/wwhelp.htm
Question 2 - I have to ask why? Cisco AMP4E can automatically upload files (config dependent) to Cisco Threat Grid and produce a report. Secondly, this process is paramount to the retrospective function within the platform.
Lastly, if you have the Cisco AMP4E Advantage Tier, you get access to Threat Grid so you can interact with the file within the sandbox.
In direct answer to the question, there is nothing native in AMP4E that allows you to upload files to another sandbox. This would be a manual process to download the file from AMP4E and upload it to a 3rd party Sandbox. This requires that the user account have 2FA enabled, so it limits the options to use APIs to pull the files from within the console.