The good old docker security nightmare. That thing has essentially root access to your machine. Just so you know.
You might want to move to Podman (which can be executed in rootless mode) so that you can also run podman-in-podman without much hassle (it's officially supported afaik).
But in any case I think it's always better to do docker in docker for security. Also it helps control what version of docker is used by the agent, and it can then be a different one than the one on the host.