allister
05/21/2021, 3:04 PM
"""osquery uses plist table to check pre-allowed state of sysexts"""
import json
import os
from subprocess import Popen, PIPE
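def fact():
    """Return the system extensions pre-allowed in the SystemExtensions database.

    Pipes a query against osquery's ``plist`` table to ``osqueryi --json`` and
    collects the ``value`` column of every ``allowedExtensions*`` subkey under
    ``extensionPolicies`` in ``/Library/SystemExtensions/db.plist``.

    Returns:
        dict: ``{"allowed_sysexts": [...]}``. The list is empty when osqueryi
        is not installed, when its output is not valid JSON, or when no rows
        match, so callers always get the same shape back.
    """
    osqueryi = "/usr/local/bin/osqueryi"
    query = (
        "select value from plist "
        "where path = '/Library/SystemExtensions/db.plist' "
        "and key = 'extensionPolicies' "
        "and subkey like 'allowedExtensions%';"
    )
    # Initialised up front: the original only bound the result list on the
    # success path and raised a NameError/UnboundLocalError otherwise.
    allowed = []
    if os.path.exists(osqueryi):
        # Absolute path plus an argument list (no shell), so neither PATH lookup
        # nor shell metacharacters are involved in launching the binary.
        # NOTE(review): if this fact runs with elevated privileges, confirm that
        # the osqueryi binary and its parent directories are not writable by
        # unprivileged users.
        proc = Popen([osqueryi, "--json"], stdin=PIPE, stdout=PIPE)
        stdout = proc.communicate(query.encode("utf-8"))[0].decode("utf-8")
        try:
            rows = json.loads(stdout)
        except ValueError:
            # Empty or non-JSON output (e.g. osqueryi reported an error):
            # treat it as "nothing allowed" rather than crashing the fact.
            rows = []
        if isinstance(rows, list):
            # Each row is expected to be {"value": ...}; presumably the value
            # is the extension's bundle identifier -- verify against the plist.
            allowed = [row.get("value") for row in rows if isinstance(row, dict)]
    return {"allowed_sysexts": allowed}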
if __name__ == "__main__":
    # Run as a script: print the collected fact for manual inspection.
    collected = fact()
    print(collected)