You don't know why. Surely you understand the need for testing and why you cannot rely on data produced from a flawed storage system to be carried across between tests. Bootstrapping is to allow testing obviously. But you knew this already!
Similar attack vector. When money is involved captcha passing scripts are worth it. So when the last test turns into live those testsafecoins are deemed to be safecoins and thus an attack vector for free coins. THAT IS why it is an equivalent amount of storage which is not transferable and will not continue into the live system.
It is more open to manipulation when you give a trade object that is worth real money for the last test system which becomes the live system. Any captcha system has its hacks and even if it cost 5 coins to break each one, its well worth it.
There will be exploitable parts to SAFE or any other system for that matter. The trick is to weigh up the efforts taken to exploit and the returns for the exploitation. It seems that @dirvine or the devs have decided that it is an acceptable risk. How many times will the exploiter have to reupload the same data when each test starts??? Will the exploiter be sure that the test system will not go live only hours or a day before declared live and the update to cancel the freebies occur almost immediately.
By the same logic the almost free uploading when there is plenty of free data space is exploitable. Its designed that way. Plenty of free space and for 1 coin you will get the BD rip uploaded, if you are quick enough before the space starts filling up again.
Also if the system is being exploited to an unacceptable amount then its a minutes effort to take out/change that line of code that gives the free space on account creation and restart the network with a blank slate and go live (relying on presale coins for bootstrapping).
So I am at a loss to see your problem with a measured measure of free data upload to bootstrap the test systems.