
I expect you already know about this, but Secure EcmaScript is a similar project: https://medium.com/agoric/ses-securing-javascript-in-the-rea...

Similarly the older Caja project: https://en.wikipedia.org/wiki/Caja_project



Wow, there's been a bunch of public work in this space since I started! I was aware of the Agoric Realms work that preceded SES, but haven't kept up with their progress. I looked over some of the current SES/Realms code, and didn't (quickly) find anything that can limit CPU or memory consumption of the untrusted code in the browser. I decided to base my efforts on QuickJS/WebAssembly because there's much less inherent risk and a greater guaranteed deal of control compared to any solution that shares a GC heap with the untrusted code.

FWIW, Figma's plugin system started out with Agoric's Realms shim and then switched to QuickJS after a security incident: https://www.figma.com/blog/an-update-on-plugin-security/



