I can see a lot of recommendation to not create System Users via API (maybe it is not possible?) or to not replicate System User across environments (via package bundle for example).
I'm curious, since System Users doesn't have password or can't be used to system log in, which risks are being mitigated with a manual user creation approach (via crx exporer)?