There is a udev rule on Ubuntu Core systems that fires when removable media is connected to the system. It’ll mount the drive and check for a auto-import.assert file. Any assertions that are trusted (i.e. there is a signature chain leading back to the Snap Store’s root key) will be loaded into the assertion database.
If this includes system-user assertions signed by a key belonging to an developer account that is allowed to create users, then the corresponding user account will be created. If your model definition says system-user-authority: *, you’re saying that any developer account has permission to create users.
So if people other than the device owner will have physical access to the device, you probably don’t want to use system-user-authority: * in your model definition.