by gnufx 1796 days ago
I agree about ambient authority etc., but I'm typing this in a sandbox which doesn't allow access to .bashrc. (I'm sure it's not perfect.)

I’m no security researcher so do correct me if I’m wrong but I assume you use firejail which is a suid program - a bug here could cause an escape to even become root. And why would you write a sandbox in a memory safe language…
Yes, you're right to be wary of suid, but primarily against local attacks on my laptop. The suid risk for a remote attacker seems rather less than from remote malware without the sandbox. Opinions may differ.
Of course you are correct, it is better than no sandbox, I'm just saying that compared to even the now affected Android, iOS OSs, GNU/Linux is seriously lacking in terms of security.