Maybe I'm mistaken but it seems to me that the parent's argument was that running your app in a unikernal prevents another app from crapping all over it, ie: root escalation happened in an adjacent app and now your app is at risk.

It does move the hypervisor up a few levels of abstraction, which could be dangerous, but (more to the point) the benefit is isolation from other misbehaving apps.