Is it a Security Issue that Keycloak Stores the SAML Persistent NameId as a User Attribute?

For the SAML persistent “Name ID Format”, I noticed that Keycloak generates a client-specific value for the user and then stores it as a user attribute named As I understand it, SAML SPs use this name id to map IdP users to local user accounts in their system.

I know that certain types of UUIDs are random and thus hard to guess. However, it seems like an invitation for a bad actor to attempt to cycle through their own user-supplied values until they find one that works for a given client.

It would seem better for this value to be read-only or generated and stored elsewhere, since user attributes can be updated by end-users.

Can somebody explain how my thinking might be wrong about this?
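A defender-side audit for the concern raised above, added here as an example that is not from the original post or from Keycloak itself: it scans a constructed Keycloak-style user export and flags persistent NameID values that are shared by more than one user for the same client (which an SP would map to the same local account) or that are not UUID-shaped (a sign the attribute was edited by hand). The attribute-name prefix `saml.persistent.name.id.for.` and the export shape are assumptions to verify against your Keycloak version.

```python
"""Audit a Keycloak-style user export for colliding or malformed SAML persistent NameIDs."""
import uuid
from collections import defaultdict

# Assumed attribute-name prefix Keycloak uses for a client's persistent NameID
# (assumption: verify the exact name against your Keycloak version).
NAME_ID_ATTR_PREFIX = "saml.persistent.name.id.for."

# Constructed sample in the shape of a realm users export; not real data.
SAMPLE_USERS = [
    {"username": "alice",
     "attributes": {"saml.persistent.name.id.for.sp-app": ["3f1c0d2e-5b7a-4c6d-9e8f-0a1b2c3d4e5f"]}},
    {"username": "bob",
     "attributes": {"saml.persistent.name.id.for.sp-app": ["8a9b0c1d-2e3f-4a5b-8c7d-6e5f4a3b2c1d"]}},
    # mallory's attribute carries alice's value: a collision the SP would map to alice
    {"username": "mallory",
     "attributes": {"saml.persistent.name.id.for.sp-app": ["3f1c0d2e-5b7a-4c6d-9e8f-0a1b2c3d4e5f"]}},
    # eve's value is not a UUID at all: a sign the attribute was edited by hand
    {"username": "eve",
     "attributes": {"saml.persistent.name.id.for.sp-app": ["admin"]}},
]


def is_uuid(value):
    """True if value is a canonical hyphenated UUID string."""
    try:
        return str(uuid.UUID(value)) == value.lower()
    except ValueError:
        return False


def audit_persistent_name_ids(users):
    """Return findings as (kind, client_id, value, [usernames]).
    kind is 'collision' when two users share a NameID for one client,
    or 'malformed' when a stored value is not a UUID."""
    by_client = defaultdict(lambda: defaultdict(list))
    findings = []
    for user in users:
        for attr, values in user.get("attributes", {}).items():
            if not attr.startswith(NAME_ID_ATTR_PREFIX):
                continue
            client_id = attr[len(NAME_ID_ATTR_PREFIX):]
            for value in values:
                by_client[client_id][value].append(user["username"])
                if not is_uuid(value):
                    findings.append(("malformed", client_id, value, [user["username"]]))
    for client_id, values in by_client.items():
        for value, owners in values.items():
            if len(owners) > 1:
                findings.append(("collision", client_id, value, sorted(owners)))
    return findings


if __name__ == "__main__":
    for finding in audit_persistent_name_ids(SAMPLE_USERS):
        print(*finding)
```

Running this against a real export (`kc.sh export` or the admin REST API) turns the question's worry into a concrete detection: any collision or malformed value is worth investigating, and the attribute should be made non-editable by the user profile configuration in any case.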