Access to a shared downloads folder doesn't sound “fully locked down” to me. I can imagine a situation where I wouldn’t want one app to see what is downloaded by other apps.
Would be better if each process had its own downloads folder (its own file system namespace even).
Each flatpak app does have its own namespace and dir it can save whatever it wants to. Some packages like the MS teams one have been given access to downloads only so you can share files with people. You can turn off this access if you want.
Flatpak also has a thing called portals which let the program request a privileged filepicker so the user can select any file and the filepicker grants access to it for the program. The problem is not all apps are set up to work properly with this right now.
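The reply above says the downloads grant is per app and can be turned off; here is what checking and revoking it looks like in practice. This is an added example, not the commenter's own commands or Flatpak's documentation. `flatpak info --show-permissions`, `flatpak list --columns=application` and `flatpak override --user --nofilesystem=xdg-download` are real flatpak subcommands; the permissions text used for the offline check is a constructed sample in the shape of `flatpak info --show-permissions` output, and `org.example.App` is a placeholder app ID, not the real Teams package.

```shell
#!/bin/sh
# Constructed sample of what `flatpak info --show-permissions APP_ID` prints:
# an INI-style [Context] section whose filesystems= line lists the host
# paths the sandbox is allowed to see (xdg-download is the Downloads folder).
SAMPLE_PERMS='[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;
devices=dri;
filesystems=xdg-download;

[Session Bus Policy]
org.freedesktop.Notifications=talk
'

# has_filesystem_access PERMS_TEXT NAME
# Exit 0 if the filesystems= line grants NAME (xdg-download, home, host, ...),
# ignoring any :ro / :create suffix on the entry; exit 1 otherwise.
has_filesystem_access() {
    printf '%s\n' "$1" \
        | grep -E '^filesystems=' \
        | sed 's/^filesystems=//' \
        | tr ';' '\n' \
        | cut -d: -f1 \
        | grep -qxF "$2"
}

# revoke_download_cmd APP_ID
# Prints the per-user override that removes the Downloads-folder grant.
# The override is stored under ~/.local/share/flatpak/overrides/APP_ID and
# wins over the permissions the package shipped with.
revoke_download_cmd() {
    printf 'flatpak override --user --nofilesystem=xdg-download %s\n' "$1"
}

# audit_installed
# Lists every installed app that can read the shared Downloads folder and
# the command that would revoke it (needs a working flatpak install).
audit_installed() {
    flatpak list --app --columns=application | while read -r app; do
        if has_filesystem_access "$(flatpak info --show-permissions "$app")" xdg-download; then
            echo "$app can see ~/Downloads; revoke with: $(revoke_download_cmd "$app")"
        fi
    done
}

# Offline demonstration on the constructed sample (placeholder app ID).
if has_filesystem_access "$SAMPLE_PERMS" xdg-download; then
    echo "sample app can see ~/Downloads"
    revoke_download_cmd org.example.App
fi
```

After revoking, a file-open dialog in the app still works through the portal described above: the user picks the file in the host's picker and only that file is mapped into the sandbox, so the app never gets a blanket view of other apps' downloads. `flatpak override --user --show APP_ID` confirms the override took effect.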