UUIDs are a valid security tool
arring.netwhat?!?!
why would you use a UUID for this? A version 4 UUID does have about 122 random bits, so it could work OK for this use case. But firstly, it's unnecessarily short. And secondly, why? FFS, WHY?
Why not just use a random number with the length of your choosing, encoded in hex, base-64, or whatever floats your boat?
UUID does a lot of that for you already and you know its URL friendly. Its good enough for hiding things behind a URL and being unguessable. Good enough.