Disclosed embodiments relate to systems and methods for identifying vulnerabilities for virtualized execution instances to escape their operating environment and threaten a host environment. Techniques include identifying a virtualized execution instance configured for deployment on a host in a virtual computing environment; performing a privileged configuration inspection for the virtualized execution instance, the privileged configuration inspection analyzing whether the virtualized execution instance has been configured with one or more attributes that can permit operation of the virtualized execution instance to perform operations, beyond an environment of the virtualized execution instance, on an environment of the host; and implementing, based on the privileged configuration inspection, a control action for controlling the virtualized execution instance's ability to perform operations on the environment of the host.