Is the developer syscalls permission a vulnerability? How to deal with it?

The Steam and Grapejuice flatpaks have the developer system calls permission. I heard that this permission is required because of the cheat protection system in the games. A comment by dartvader316 on “Is Flatpak Steam going to affect anti cheat?” says that with this permission you can easily escape sandboxing. So I thought, “if I create a rootless Podman container and only have access to X11, will Grapejuice be able to run Roblox?” And it did. Since I thought that I didn’t give a dangerous permission to this container, I thought that it couldn’t escape from that container despite these system calls. With similar logic, would I be correct to think that giving this permission doesn’t mean that it can escape sandboxing in Flatpak? If I’m wrong, is there a way to at least open games without granting this permission?