There is certainly an element of risk allowing a container to access the network stack. But in order for a security application to operate it needs access to iptables/nftables to dynamically block and allow traffic.
It could be made clear to the user that this has the potential to break things.
VyOS has support for this in their container functionality.