Do you have any indication that Jolla does more than a developer would, anyway: Run Jolla’s trivial Store rules compliance checking script, and start the app and tap around a bit (“smoke test”)?
I don’t, and I do not believe they do, because they lack the resources for that.
O.K., that is a valid perspective (though merely so, IMO).
But to deduct from this statement, that …
[…] the Jolla store […] it is likely the most secure one there is.
… is far fetched, because the difference Jolla’s script and a smoke test make is marginal.