That you built this in such a short span of time is impressive, and really does a great job undercutting the “security” reasons for the dot to be there.
I don't think this undercuts the security reasons. I think the general idea is that if you leave Zoom / FaceTime / OBS open and recording, the orange dot is there. Same dot, same place, no matter what app you are using, as long as the developer doesn't disable it.
Using the API to disable the dot requires some pretty scary permissions to be enabled on the app disabling the dot.
Using the API to disable the dot requires some pretty scary permissions to be enabled on the app disabling the dot.