Default configuration of wecode judge run submitted code using Docker for isolation.
Shield make some alteration to submitted code before execution. It's meant to be more of a hassle for hacker than a real protection! You can enable Shield for C, C++ and Python. You can read more about Shield here.