WinRT sandbox has always allowed for JIT'ted code, all the way back to the original Windows 8 release - all .NET Store apps back then were running on a JIT. .NET Native is a later addition that is there solely to improve performance, and it is still opt-in.
Now, Win8.x did not allow for third-party JIT compilers in the sandbox; it was only CLR or Chakra. But UWP does - look for the "codeGeneration" capability here:
WP 8.x did not JIT code on device, hence the whole MDIL and cloud compiler on the store.
WP 8.x only did dynamic linking at installation time and when OS updates were done, by replacing symbolic labels with the actual target destinations. Everything else was already compiled at the store and downloaded as binaries onto the devices. This was the whole point of MDIL.
There is a BUILD session and a further Channel 9 deep dive interview showing how MDIL deployment works on WP 8.x.
And how does that pertain to security? Android doesn't seem to have a problem with JITed code in sandboxed store apps. Neither does Win10.