Removal might be too difficult and not required since nobody / nogroup is probably already created by Debian default.
However, should make sure that nobody / nogroup is used nowhere in Kicksecure / Whonix source code.
Since System-wide sandboxing framework - sandbox-app-launcher - #371 by Patrick was done, this is now the case.
Having nobody / nogroup in /etc/passwd isn’t a security issue in itself. It only becomes an issue if a program is running under user nobody or under group nogroup or if a sysadmin sets the permission of a folder to user nobody or group nogroup with the assumption that these Linux user account / Linux user group has a special meaning, which would be wrong. Because user nobody or group nogroup has no special meaning. It’s just a normal user / group.
Also added to user documentation just now:
https://www.whonix.org/wiki/System_Hardening_Checklist#File_Folder_Permissions
There unless anyone has any further input, this is resolved.