As for 3d rendering, you have 2 options.
You can use WebGL, but lakes the features of sprites. Here is it being taken to the limits. A cafe and A house and A noob

You can manually calculate sprite positions by doing magical trigonometry with NeonLight. I used it to make Fps shooter

Over the past couple years, people have started using various cool techniques on code.org's gamelab, especially with key values to create chat apps and other multiplayer projects. It may surprise you, but most of these techniques were pioneered by me. For example:

• setKeyValue/getKeyValue on gamelab: I did this in 2019 to create game where you can share drawings to people in gamelab
• Remix detection: I discovered both methods, keyValues and getURLParams()
• encodeURIComponent() for sanitizing userid's in keys: Ziriski actually took this from me in discord.

It may surprise you even more to know that there are way more of the aforementioned "techniques" that you may not know about, all contained in one single document. There are:

• IP logging methods for gamelab and applab
• Server networking capabilities for gamelab and applab
• 3d rendering with textures and shaders

Document in question.

Here are some multiplayer games I made that most people have forgotten. All of them are secure against hacking. Heroku server will take time to warm up.
online maze
connect 4 multiplayer

That's not it. By taking advantage of code.org's API's, some projects have been created to accelerate code.org game development.
Data browser allows you to edit the key values of a game lab project and the records of an app lab project.
CDO-Sync Allows multiple people to collaborate on one project at the same time as well as full on typescript support.
CDO Monaco Cdo-sync, lacks multi user, but has typescript and is very convenient to use.

Note, a lot of techniques on applab no longer work anymore. This is because code.org removed heroku as a valid domain for web requests. It is still theoretically possible to use records for web requests instead, but it is too much effort for me currently.

I created Veil and honestly I think it was kinda stupid. Only really stupid script kiddies used it. There is nothing particularly special about it, besides that fact that it could inject code in separate scope, which made executing anything virtually undetectable by the client. It was really fun manipulating code.org's javascript interpreter down to the every single native function, value, setter, getter, prototype, and scope. It brought me back to roblox's hacking days.
I obfuscated it so people wouldn't be able to find out how the function worked, but then my computer bricked and I lost the source. It's not difficult to remake it, it's just I don't want to.