Imho not worth the risk. Nothing except ECC is protecting system from memory corruption. And consequences of flipped bit can be huge. Unless it is in a system you do not care about, just do not use it.

If you care about security you build it is own. No need to trust random dude in the internet. After all It just fire and forget. Copy whatever “code” is used to build container you are after, verify it once and than just rebuild it periodically to pull patches from more reliable sources.
Docker security is a joke, no need to make it worse.

If you using bind mounts - you are using dockers in wrong way. Use named volumes.

Woodpecker. No BS CI which can be attached to pretty much anything. It just need a webhook and way to pull your project.