I just throw it into an unpriviledged LXC and call it a day.

Threat model for me is more "whoops it deleted my home directory" rather than some elaborate malicious exploit.