applications: Indicate when an app has permissions to escape the sandbox

Applications that can talk to "org.freedesktop.Flatpak" can run
flatpak-spawn --host, circumventing the sandbox permissions and running
arbitrary commands in the host.

Inspired by gnome-software!258

Fixes #838
7 jobs for applications-sandbox-escape in 4 minutes and 55 seconds (queued for 1 second)
latest