I think the assumption A.NO_EVIL itself is not bad.
But, is it necessary for ST authors (usually, TOE developpers) to think out the measures and describe them in the security objectives, and in the user/administrator guidance? ( although, this is the CC requirement. )
Those measures (for A.NO_EVIL) would be different in the actual environment.
Also, developers, evaluators and validators might each differ in their opinion about the sufficiency (or just about the written statement in the security objectives).
I propose that the ST requires to list possible risks and threats explicitly together with the assumption A.NO_EVIL, rather than to describe the measures.
If the assumption is not fulfilled, it should be the responsibility of the operational organization to accept the risk.
Similar assumption would be:
A.WORK_CORRECTLY"The underlying OS machine works correctly."