
Suppressing (or hiding) global accounts creates local blocks that can get out of sync
Open, Needs Triage, Public

Description

Problem
If a user is hidden at Special:CentralAuth, a local block is created for each wiki the user is attached to. However, this does not happen if the user has an existing block T25310 or if a new wiki is added to the cluster. Lastly, the local wiki can change the local block at any time and remove the suppression.

For most instances, this is fine, but there are some instances like Special:ListUsers where the user's username is revealed if the state is not in sync.

Solution
The creation of local blocks should be removed since they are not needed for enforcement. Likewise, a hook should be run to determine if a username can be displayed or not everywhere in MediaWiki.
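The drift described above, as an added sketch that is not part of the original task and is not MediaWiki or CentralAuth code: a simplified Python model (all class and function names are hypothetical, all data constructed) that compares username visibility decided from per-wiki block copies with visibility decided from the global state, and audits which wikis are out of sync.

```python
from dataclasses import dataclass, field

# Simplified model only; names are hypothetical, not MediaWiki/CentralAuth APIs.

@dataclass
class GlobalAccount:
    name: str
    suppressed: bool = False
    attached: set = field(default_factory=set)   # wikis the account is attached to

@dataclass
class Wiki:
    name: str
    blocks: dict = field(default_factory=dict)   # username -> {"hideuser": bool}

def suppress(account, wikis):
    """Copy-based approach from the description: create a local hideuser block
    on each attached wiki, skipping wikis where a block already exists."""
    account.suppressed = True
    for w in wikis:
        if w.name in account.attached and account.name not in w.blocks:
            w.blocks[account.name] = {"hideuser": True}

def visible_by_local_block(account, wiki):
    """Visibility decided from the local copy alone."""
    return not wiki.blocks.get(account.name, {}).get("hideuser", False)

def visible_by_global_state(account, wiki):
    """Visibility decided by one central check, as a hook could do: global
    suppression or a local hideuser block hides the name."""
    return not account.suppressed and visible_by_local_block(account, wiki)

def drifted_wikis(account, wikis):
    """Audit: attached wikis where a suppressed name is still shown locally."""
    if not account.suppressed:
        return []
    return sorted(w.name for w in wikis
                  if w.name in account.attached and visible_by_local_block(account, w))

def demo():
    # Constructed sample: bwiki already has a plain (non-hideuser) block.
    wikis = [Wiki("awiki"), Wiki("bwiki", {"Example": {"hideuser": False}}), Wiki("cwiki")]
    acct = GlobalAccount("Example", attached={"awiki", "bwiki", "cwiki"})
    suppress(acct, wikis)
    wikis[2].blocks["Example"]["hideuser"] = False  # local change after suppression
    return acct, wikis
```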

Event Timeline

MarcoAurelio subscribed.

If a user is hidden at Special:CentralAuth a local block is created for each wiki the user is attached to.

Minor nitpick: there are two levels of hiding on CentralAuth. "hidden" means that the account name is hidden from Special:GlobalUsers. The "suppress" option is what makes the account be hidden from edit histories, lists and logs (that is: oversighted).

The creation of local blocks should be removed since they are not needed for enforcement

A locked global account cannot log in anymore to their account, so technically yeah, local blocks are not needed to enforce the lock as long as global locks continue to behave this way.

However when a global account is suppressed (oversighted) local blocks are needed so the local accounts' edits, logs, history, etc. are hidden by applying a 'hideuser' block, making their username hidden everywhere.

Please make sure that globally suppressed account names continue to be invisible in edit histories, logs, lists, etc.

Thanks!

I don't think any of those things can happen:

However, this does not happen if the user has an existing block T25310

As I commented in the linked task, I believe that's intentional. Stewards shouldn't override local communities, and if a project with OSes decided to only block the user, they probably didn't want to oversight it. It would be wrong to suppress it just because a steward wanted it to.

or if a new wiki is added to the cluster.

That wouldn't change anything - a user doesn't automatically exist at all wikis (at least with Wikimedia's CentralAuth implementation, which is canonical, because CA isn't really ready for 3rd party use). If a new wiki is created, the user won't be created there (unless they logged in there, which can't happen, because they're also locked [locks prevent all logins]).