Autoremove targets Dependencies that are automatically installed.
I am going to give my Official Zorin Forum Advice:
Run sudo apt clean && sudo apt autoremove.
Regularly.
When I first migrated to Linux, back then @swarfendor437 was the moderator of Zorin Forum and I said to him the same thing you just said to me.
His response boiled down to "Well, it's up to you..."
As time passed, I realized two things;
Autoremove can only remove something I did not want removed if I really mess things up.
I had far, far more headaches without running it.
The system gets cluttered with residual junk, clutter and bloat if it is not run.
When Autoremove can give you a headache is only after you remove something you should not have, like the Zorin Desktop.
It comes down to taking care to remove things carefully, not to worry about autoremove later.
Lastly, if you retain concerns; just set any critical packages to Manually Installed with apt mark and then autoremove cannot remove them, anyway.
While there are many, very few of them can be targeted by autoremove. See, the ZorinGroup is smart: They distribute Zorin OS with most of them already marked as manually installed for you.
So the Zorin-desktop-lite or Zorin-desktop is one primary one you might mark - which is left default due to the desktop being an End User Choice.
Beyond that... this is something you determine by what you install later.
let's say you needed to install Python, Pip, build-essentials, debcreate or all the dev tools I do, (the act of installing sets them to manually installed), you can grab the list of dependencies from the terminal and then sudo apt install (that list) to set them manually installed to.
But the critical packages that come with Zorin OS are already protected. It really only applies to what you do after that.
That sounds reassuring. Does this mean that you mainly have to make sure that the desktop is not removed, all other system packages are better secured?
What about pulseaudio and pipewire? Do they need protection when installed later (I have replaced pipewire with pulseaudio in LM)?
If you installed a program, that sets it to Manually Installed.
But if it needed to automatically pull in dependencies, those would be automatically installed.
I am not sure what the answer to your question is, because I did not see the terminal output at time of install. I do not know if it installed any dependencies alongside of your commanded install.
Does this mean that you can no longer mark these dependencies afterwards or install them again yourself, as you not have the terminal output from back then? Do you have to do this during the installation of a package?
So when you are asked if the dependencies shall be installed, then copy the list and enter "sudo apt install ...[paste the list]" instead of confirming with yes?
Let's be clear, applications rely on certain dependencies in order to run the application so if you say no, the application won't get installed/won't run. In terms of removing items, my advice now is to use Stacer. Bleachbit is another alternative that some prefer, but I have read in the past where Bleachbit has caused nightmares for some users. Bleachbit needs to be run twice, first as Bleachbit with root privileges, and second with user privileges. I find Stacer much easier and safer to use. When you get prompts for autoremove you need to look closely at the list of things it is going to remove. Some stand out like a sore thumb which should prevent you from running the command. When you think about it, this is a flaw of GNU/Linux and you would think this would have been rectified by now.