Why not, in regards to security reasons?
Eg, if you are able to run python/bash/etc, security is out the window. By not allowing installation hooks/scripts/etc, all you do is move the security concerns from installation, to runtime.. which doesn't seem to matter to me.
I'm not arguing for it necessarily, just commenting
At any rate, if i (or any developer) *needs* an installation/configure stage, all you're going to do is make that phase trigger on first run of your application. Eg, some Workflows popup asking for configuration (such as API Keys, etc).