There is no indication that this is proof of malicious
behaviour from OnePlus itself, but rather the result of lack of attention; the EngineerMode app does not show up until a
user manually chooses to see system apps, and Android also has extra security
measures (in the form of additional steps) that prevent casual access to the app.