Network toggle fully prevents direct network access via sockets and indirect access via OS networking APIs which are all guarded by the standard INTERNET permission, which we used as the basis for the Network toggle.
The Network toggle doesn't stop the app playing audio, so it could exfiltrate data through high frequency audio to audio beacons, which is a real world technique used by some apps. That isn't network access, so why would it be mentioned by the Network permission? It's for preventing network access, not playing audio. It's not marked as a data exfiltration toggle. There's nothing misleading about how it's implemented. It does what it says, and if anything probably does more than you think since it blocks indirect access via APIs requiring the INTERNET permission provided by both the OS and apps.
You also may have granted the app access to other things yourself, like Contacts or access to files in your home directory, which may be uploaded somewhere by other apps that you've given the same access.
Apps within the same profile can communicate with mutual consent. INTERNET is a standard permission in the Android security model which we used as the basis for the Network toggle. Sensors is not a standard permission, but there are restrictions on access to sensors based on whether apps are in the foreground, etc. so it would be incorrect for apps to simply hand out access without any checks. This means both of these permissions we add are based on standard parts of the Android security model, but more directly for the Network toggle which is just a runtime port of INTERNET with a bunch of compatibility shims to keep apps working with it revoked.
When you give an app a permission or another form of access, you trust it to be secure against being exploited by an attacker to gain access to what that permission / other access grant provides. Same applies to entering any sensitive data into an app. You trust it to uphold the security model for that data/access. For example, if you give an app Contacts access, you trust it not to leak access to that data. You trust it not to provide an API for other apps in the same profile to read or write contacts without either requiring explicit consent from you on a case-by-case basis or guarding it with the Contacts read/write permissions. Same for manually entering contact data into an app without granting the permission. The same thing applies to every permission and other form of access you can grant to apps. It is not in any way specific to the Network permission.
If so, then I might have to reconsider a couple apps I have installed on my phone that have trackers in them (information provided by Exodus Privacy).
This isn't a good plan. Exodus Privacy does not provide reliable information. It has a small list of third party libraries they consider bad usually for very arbitrary and dubious reasons. Apps marked with it as having 'trackers' are often not doing anything bad or privacy invasive. Apps not marked by it as having 'trackers' simply aren't using the third party libraries in their small list or use obfuscation that prevents it detecting them. It's a bad way to evaluate whether you can trust an app with access to some kind of permission / other access / data.