That helps for external threats breaking into buggy network services, but it doesn't help for compromised apps/images/dependencies exfiltrating your secrets.
If it's an air-gapped local network, then sure, but how useful is that? Are you disconnecting your phone/laptop from the internet when you access the air-gapped network, or do you use two network interfaces on every device?
I assumed the GP was talking about a typical home "local network", one behind a NAT - so no incoming traffic, but usually, it allows any outgoing traffic.
