I can reproduce this. What appears to be the problem is that the /usr/lib/snapd/snap-seccomp on your host system isn’t new enough to understand the chown - u:root -1 line, and snap-seccomp does not re-exec it seems (I would have assumed that it would). This is because /usr/lib/snapd/snap-seccomp on your host system comes from the snapd deb, which it appears is from the bionic-security pocket at version 2.37 and thus is too old to understand the new system-usernames specification with the chown line.
What you can do in the meantime is always use snap-seccomp from the snapd and/or core snaps instead of from the deb by running /snap/{snapd,core}/current/usr/lib/snapd/snap-seccomp ..., or you can upgrade the version of snapd from the deb to the one from bionic-updates.