Can malicious applications running inside a docker container still be harmful?


I am very new to docker (and don’t usually program at a ‘systems’ level). I will be working on an open source project with complete strangers over the web over the next couple of months. I trust them, but I like to not have to trust people (meant in the best possible way).

I would like to know, if I download various repositories from github or elsewhere, and run them inside a docker container, is it possible for them to cause harm to my laptop in any way?

In case it’s relevant, the repositories will mostly be web applications (think django, node), and will likely use databases (postgres etc), and otherwise operate as regular locally hosted web applications. It is possible (like anything from github or the world wide web), that some apps could contain malicious code. I am curious to know if running such an app (containing malicious code) inside a docker container prevents that code from harming anything outside of the docker container (i.e. my laptop)?