When I read about OTP bits to disable functionality, It looks like the way on how malware/virus can kill your CPU just by writing some bit at specific register... I can understand when functionality is disabled with soldering resistor jumpers as it's done on Intel CPU, but when you can do it with software, it makes such MCU very non reliable...
If it was running a proper (full) operating system and directly connected to the internet in a significant way, like a full sized Raspberry Pi running Linux, could be. Then I'd agree with you.
But, it is for running embedded (MCU) applications, typically compiled or interpreted from (often your own) source code. So, should be relatively immune from such attacks.
But, on the internet, there could be downloadable image files for the Pico2/RP2350, with harmful (I don't know if special button/signals are needed, in order to change the OTP, or if anything, at anytime, can mess with the OTP) stuff, designed to 'destroy' your device.
I don't think it is a serious problem.
Perhaps they could have given it some kind of method, for resetting it back into factory default settings mode.
Some other MCUs (IIRC), are also susceptible, because their boot loader code, can be erased/disabled, forcing more dramatic methods of reprogramming it, such as having to use a JTAG device, rather than the usual USB programming (boot) method. I think (IIRC) some are basically bricked if the boot code is erased/disabled, either permanently or unless you have access to (a possibly VERY expensive, but sometimes there are much cheaper clones available), proprietary factory supplied programmer device.