Note that you can also use the ‘snappy-debug’ snap (sudo snappy-debug.security scanlog) and it will make suggestions.
The shm denials are covered here: Shared memory in /dev/shm rewriting. Does using the snapcraft preload part resolve this? Otherwise you could update the source to for it to use snap.$SNAP_NAME.XXXXXX (eg, conditional on if SNAP_NAME is set).
Note: I just now updated snappy-debug to suggest snapcraft preload