
95% of the OS is third party and everything I install afterwards is 3rd party.


That's true.

However, you are reducing your attack surface by running some of those tools inside Docker.


By running Docker, you are introducing tons more code that runs with root privileges. There have been numerous privilege escalation vulnerabilities discovered over the years. Combined with the fact that root inside a Docker container is root on the host, you are increasing your attack surface instead of reducing it. It's the wrong tool to be using for security.


Well, maybe not on the BSDs, when I come to think of it.



