How are you shooting yourself in the foot. Regardless of what approach you take, you're placing your trust in some random generator. Whether this trusted generator is formatting its output in the form of raw 0s and 1s, or an alphanumeric string, or UUIDs, is absolutely irrelevant.
You are shooting yourself in the foot by calling your random number an UUID or thinking that randomness is a property of UUIDs. This is going to come back and bite you in some way, one example would be where later changes to the code (by someone who knows about UUIDs but not the assumption that they should be random) mixes in a v1 UUID...
You're attacking a strawman. No one is saying that all UUIDs are generated by CSPRNGs. Only that some are.
Regardless of what method you use to generate secrets, someone could later change the code to generate the same secret using a non-cryptographically-secure RNG. By that logic, alphanumeric strings should not be used as secrets either.
