Well yes but I am not sure that this is the main problem with flatpak containers.
I'd rather point out that this approach creates a bigger attack surface, since the containers tend to ship with outdated versions of the libraries, frameworks and tools that the actual application relies on, because it is now that specific app developer's problem to update them inside the container. So with this, even an up-to-date system is not really up to date and might suffer from severe vulnerabilities. I'd say it depends on your application, use case and threat scenario; containerization can make sense but is not the holy grail.
Geekworm offers a HAT and an enclosure for two HDDs and the Pi; that might suit you.