
Note: At least on Linux, the main alternatives for this, either eBPF (e.g., pulsar or falcon) or a kernel module, both require this too.


eBPF is at least somewhat sandboxed, no? So it doesn't quite have the access required to accidentally stomp on any portion of kernel memory it wants?


Indeed, it's executed via a JIT on something like a VM. However, it can still make your system quite dysfunctional if, e.g., all filesystem or network calls are blocked.


The version of the CrowdStrike sensor that caused kernel panics on RHEL/Rocky was using eBPF. It living in eBPF doesn't mean it can't cause system instability.

And as mentioned elsewhere, an eBPF module behaving badly but in valid ways can still make your system pretty unusable.


macOS does not require this however.



