Just to build on this: I heard tell of a USB hard drive, back in the day, that would install its driver when plugged in. It did this by claiming to the attached device that it was a keyboard instead of a hard drive, and then sending keystroke data imitating opening a command prompt with hotkeys and typing in the installation commands. It's not difficult to imagine what "the bad guys" could have done instead (as if that wasn't bad enough).

An I/O device is inherently a security risk because it sits in-between the user and the system, and effectively acts the intermediary between the two. That's a ton of trust.

This isn't a completely unsolvable problem. One could imagine a security system where an app using external I/O is opt-in, and even then given restricted access (e.g. not in the Settings area). But it's something that has to be created and put in place first, and there will probably be some associated user friction.