This kind of mental model only works if you think of things as made huge shadowy blobs, not people.
dyld has one principal author, who would 100% quit and go to the press if he was told (by who?) to insert a back door. The whole org is composed of the same basic people as would be working on Linux or something. Are you imagining a mass of people in suits who learned how to do systems programming at the institute for evil?
Additionally, do you work in tech? You don’t think bugs appear organically? You don’t think creative exploitation of bugs is a thing?
This vastly overstates both the competence of spy agencies and of software engineers in general. When it comes to memory unsafe code, the potential for exploits is nearly infinite.
It was a complicated product that many people worked in order to develop and took advantage of many pre-existing vulnerabilities as well knowledge of complex and niche systems in order to work.
Yeah, Stuxnet was the absolute worst of the worst the depths of its development we will likely truly never know. The cost of its development we will never truly know. It was an extremely highly, hyper targeted, advanced digital weapon. Nation states wouldn't even use this type of warfare against pedophiles.
Stuxnet was discovered because a bug was accidently introduced during an update [0]. So I think it speaks more to how vulnerabilities and bugs do appear organically. If an insanely sophisticated program built under incredibly high security and secrecy standards can accidently push an update introducing a bug, then why wouldn't it happen to Apple?
Maybe sometimes? With how many bugs are normally found in very complex code, would a rational spy agency spend the money to add a few more? Doing so is its own type of black op, with plenty of ways to go wrong.
OTOH, how rational are spy agencies about such things?
They don't appear there organically.