If the addon user was removed, all permissions for that addon would be revoked. Yes this would be a problem, but it would break all permissions for that addon, not just bulk user lookup. That is, the addon would not even have read permissions any more.
I’m not saying that this doesn’t happen, but the alternative is to make an API where customers cannot possibly revoke permissions.
Perhaps a way around this is to check if the addon user can do the things it needs, and warn the customer if something’s wrong. “Hey it looks like this application is missing some permissions that it needs in order to work correctly. Please contact your site admin to get that fixed.”
Note that removing and re-adding an addon (or in fact, installing any addon) repairs the permissions.