your analogy is much like saying.. "its not like burglars wanting to break in and steal the family jewels, blockstream was a family business, it is their house"
but its more like "someone in the family is now stealing the family jewels. he has now told his friends if they hand him some cash, he will leave the door unlocked so anyone can sneak in"
I'm not giving you an analogy...
But your analogy is false. Anything that blockstream would try to do with Bitcoin Core would have to go through sipa because he is the only one with commit access that works for blockstream. He can't "give them the keys" because there are no keys and there is nothing to give. Sipa could write code and commit it or people at blockstream could write code and submit a PR. Either way, the other 6 people with commit access would notice or the other hundreds of people actively watching Bitcoin Core's progress (me included) would notice. They would definitely notice if code was committed without a PR because that goes against the code review process. They would definitely notice if a PR was merged without discussion or with discussion and a lot of NACKs. That would of course result in the offending code being reverted and sipa having his commit access revoked. If that doesn't happen, a lot of people will be forking Bitcoin away from Bitcoin Core.
So going along with your analogy, sure the person in the family can give his friends the keys, but he cannot disable the alarm system. The alarm system will go off when the burglars try to break in and then the burglars are caught by the police and sent to jail.