google / go-safeweb

Secure-by-default HTTP servers in Go.
Apache License 2.0

Uniform builtin plugins exemption structures to allow for allowlisting of packages. #336

Open empijei opened 2 years ago

empijei commented 2 years ago

All builtin plugin packages should have exemptions in separate ones to ease bancheck or similar tools integrations.

I did this in #341 for csp, fetchmetadata and framing by creating the internalunsafe versions of the various configs and exemptions, but we need to do it for the remaining ones.