Honestly, if the app was open-source so we can check it does not leak data, I would probably have no issue with it.

Making it a separate app makes sense if google wants to allow other apps to re-use the code. No reason to have the same functionality bundled into each app separately.

And the feature, as long as it is configurable, seems useful.

The auto-install is bad but understandable. As far as I am aware, there is no easy way to mark an app as a dependency of another app so it gets automatically installed only when needed. This should be fixed, but auto-install for all is not terrible temporary solution. This does not apply when the app is closed source and may steal your data.

https://www.law.cornell.edu/wex/reasonable_reliance

That’s debatable, since the fraud usually has to be something a reasonable person could believe. E.g. no suing Copperfield for faking magic, even if he advertises it as real.