There are two aspects here.
1. As long as the command is extensible (i.e, has *[AVP] in its definition), Origin_State_Id can be added to the request/response.
2. Generally Diameter application specs address this issue, and decide to include/exclude Origin_State_Id. For example, Gx and Ro specs include it because as session oriented protocols, they recommend the usage of Origin-State-Id to detect peer restart. Sh, Cx etc don't include it because they don't use multi-transaction sessions.
So yes, it can be added . But from interoperability perspective, you may have to make sure that the remote end would use it they way you expect.