I have a question about how to test for security (CRUD/FLS) in a package code.

To test for (CRUD/FLS) we usually create a couple of different profiles, one for positive cases and another for negative cases, and then our Unit Tests just do a System.runAs(userWithPositiveProfile) and a different test does a System.runAs(userWithNegativeProfile), that way we test the parts of our Apex Classes that handle the permissions.

The problem that we are having with this is that apparently there is no way to include the Test Profiles in a package and you can't create Profiles from Apex code, so our test would run just fine in our DE Org, but fail if run on the Org that has the package installed.

I know that tests are not run during installation, but is this something that Salesforce looks at when doing their review of the package previous to the publication on the AppExchange?

And if a Sys Admin runs all tests in the Org that has the package installed he will see the errors. I would like to avoid this if possible.

Should we just write some conditions in our tests that will check if those profiles are there and if they aren't just skip those tests? Even if that takes our Code Coverage bellow 75% if the tests are run outside our DE Org? As I understand it we are required to have 75% coverage when uploading the package, I understand that it's advisible to always have 75%+ code coverage but we are having parts of the code that we just can't find a way to package the tests to run in any Org.

How are you handling the Unit Testing for Security (CRUD/FLS) in your package?

Thank you.