In this case you stop relying on the Qubes hardware isolation and rely on Docker instead, which is far less secure. If dom0 is compromised, everything is compromised, which is why you should run in dom0 as few things as possible (ideally, nothing!).
See also: