That depends on the depth of the review, e.g. verifying the submitter is a member of the project, the software name does not conflict with a well-known name, ...
At least this prevents impersonation of well-known publishers or their software. Maybe all changes to metadata like the description should require a manual review even for established packages.
I think that was a precaution. The malicious build script ran during the build, but the backdoor itself was most likely not included in the resulting package as it checked for specific packaging systems.
That is regrettably not too unusual. Many platforms deactivate / ban empty accounts that were inactive for a long time. I guess "aging" accounts before use is something not too uncommon for bots.
Maybe you can register a custom protocol and have your own script outside of flatpak that runs firefox. Then use an xdg-open command that prefixes the custom protocol.
Currently there is support for a network connection over thunderbolt you can use as a basis. If you want to send other data without network encapsulation, you'll need to write a kernel module for that.
The mobile device / "MTP server" requires the gadget mode as far as I know. The PC / client does not need it.