Addressed the three issues listed and added a check by the validator so that aggregate and other invalid functions produce a better error message.
A remaining issue is how/whether to apply row-based security during a matview load. The current behaviour is that the load will happen under the current user's roles. Other options are to disable row-based security for a mat view load, to throw an exception if filtering is applied during a load, or to do user scoped matviews (which doesn't seem feasible).
For internal matviews we can consistently apply the desired behaviour. However external matviews would seemingly require admin accounts as needed to by-pass the affect of row-based security if needed.
For now we'll just doc the current behaviour (which is somewhat consistent with for example if a source is applying row-based security and a mat view is loaded with an affected user).