I don't know exactly how Linux or GrapheneOS namespace containers work, but Windows does not have such a feature on OS level for legacy software and supports its own "LowBox' App Containers only for a few applications. There is 3rd party software, such as Sandboxie, that performs containerization, but container-escape must be performed in situations where one program needs to launch another or else container is shared.
Does Vanadium WebView run in a separate container at all times or do parts of it migrate into containers of apps that use Vanadium WebView?