Can iOS app bypass/skip the device passcode window if it knows the passcode
The answer is actually quite similar as for macOS:
The intention of the system is (ofcourse) that apps are not allowed to bypass/skip these passcode prompt windows, and they're not able to "just" put in a code if they happen to know.
Similarly on recent macOS versions, apps cannot "just" interact with controls in windows they have not shown themselves. You can however give apps permissions to do so (for example an app that enables you to create macros of actions within other programs would be a good example of when you actually want to allow this behavior).
However - as your question on macOS centered around malware, the same is true for malware on iOS - if the app does not "follow the rules" and intentionally exploit weaknesses in the operating system's implementation, it is theoretically possible for apps to bypass/skip these prompts if it knows the passcode itself. It isn't really "theoretical" as in "can't really be done in practice", but more like "it will be a bother to do".