Replace extension security modals with desktop app specific versions

We already do this with canReadClipboard and canNotify.

We should extend this to all the other prompts

In the desktop app we have a real boundary between trusted main process code and the renderer. We can add options that we've historically considered insecure like permanently allowing extensions without prompts