176 points TheFreim | 1 comments
DeathArrow No.36685995
>Qubes OS is a free and open-source, security-oriented operating system for single-user desktop computing. Qubes OS leverages Xen-based virtualization to allow for the creation and management of isolated compartments called qubes.

What's wrong with containers? They are supposed to provide better performance than VMs. Are containers less secure?

1. thewataccount No.36686206
The way I recommend thinking about it is that containers work as a "convenient precaution":

"dumb scripts" that just copy files/install something, encrypt files, etc. will be well contained in a container.

"smart scripts" are more rare - but essentially if you're trying to break out of a container you can; container breakout methods are not uncommon. These types of malware are usually more rare.

So if your threat model is "I want to run this program that I'm pretty sure I trust but I'm not 100% certain" then a container is most likely fine as a convenient precaution.

But if it's "I want to make sure nothing can break out (especially if you're running user's code) and compromise the full system" then you want VMs.

With the recent pytorch-nightly compromise in December, AFAIK a container would have protected you, just don't assume that will always be the case.

EDIT: I wish Kata Containers was easier to use and was more widely used - I feel like it gives most of the usability benefits of containers with the security of VMs, which is what everyone should really want for most things. VM overhead can be pretty small, with under 100ms "boot" time, etc.