Containers aren't strong security boundaries, so the question still remains. If you get RCE in a containerized app you can tickle, e.g., host kernel bugs, container runtime bugs, etc.
This is exactly what I do with any software that talks to the Internet. However, I'd still really, really like for an advanced adversary to not have arbitrary RCE on my machine, whether it's in a container or not. Any zero-days in my kernel that said adversary may have in their back pocket are then exposed for exploitation.