The issue here is rarely whether the security features themselves are circumventable. It’s that at some point this turns into trusting users not to give malware apps permissions (whether that’s a dialog, a system wide setting, adding a third-party app store, etc.). Almost no users can usefully evaluate whether a particular bit of digital trust is a good or bad idea, so people will constantly get scammed in practice. If you’re thinking about ZNP as a solution, you’re not trying to solve the actual security problems of normal users.