pull down to refresh

I guess it depends on how much actual mint-to-mint transactions there are. If there are a lot, then audits are hidden in the crowd. Else, what you describe is indeed possible.
And yes, Bolt12's receiver privacy probably fixes this 🫡