That is often good, but it does leave mounted volumes accessible to other programs, where GPG files can be decrypted only inside EMACS. Whether this matters depends on your threat model.
To get this, you have to sacrifice the convenience of using gpg-agent, though, right? Otherwise, any other program that can open your gpg-agent socket can use your GPG keys.
If you need to worry about that kind of thing, then you need some kind of workload isolation. One way to solve that is Qubes OS.
Here are some other FOSS alternatives: https://fly.io/blog/sandboxing-and-workload-isolation/