Apps that have to link hardware via Wifi sometimes do, they take complete control over wifi in order to create a wireless access point and make the device connect to it during setup. I think Nikon camera remote control does this, also Meta Horizon, with Meta Quest VR headset, IIRC.
There's also Wifi ranging feature, but it shouldn't need to expose SSIDs to the app, I don't know the API, it should be limited to giving a precise location:
That sounds like something that's also not that risky. Short lived, temporary access point with randomized BSSID/mac address should not be useful for long term tracking if done well.
It is not, if the developer only does what is expected. I believe when you have to perform this, the Android authorization asked to the user is complete control over the network adapter settings.
