They're friendly for the user audience that doesn't care about these things. The location is a minor issue compared to many of the capabilities they come with. For the slightly more tech savvy, they should really be running these harnesses in a contained environment with net cap dropped, for instance.
The price of flexibility is that pi is not opinionated about adding sandboxing out of the box; it gives you options on how you want to do it. You either do it with Linux containers, with a dedicated VM, or just bubblewrap.
It is nice that it gives you a way to hook into it in a very easy way though.