That would require someone to already want to sabotage me in particular, learn my private workflows, and also have write access to my home folder. At that point, All is Lost.

Don't tell people to sacrifice agency for apocalypse insurance that doesn't work, lol

If someone can drop a file in your ~/bin, they can also edit your shell’s startup files to add their malicious command.

I think it's already game over if they have access to your home directory. They can also edit your path at that point.

The issue of rootless malicious command overrides is solved by typing the whole path, such as "/bin/sudo".

While true, what you describe is very unlikely to happen and most definitely won’t happens on systems where i’m the only users.