This post is informing on one of two issues: the wasm jail-break. The subnet congestion issue is separate.
Please do go through the link for the community thought on perceived risk. IMO it would take a fairly sophisticated attack. However even the potential of an attack vector along with known method of preventing such an vector (i.e. sandboxing) , particularly in context of IC and the reputation of best cryptographic team in the world at stake, is the key issue.
The rug pull issue (alluded to by @cmatza ) is orthogonal to the sandboxing; and cannot / should not be addressed here. (It is a valid issue, though).