Therefore, the answer is that Flathub is not always safe to use. However, I do not know of any package source that is always safe to use. Is Flathub more insecure than other package sources? I can’t answer that because I don’t use solutions like Flatpak, AppImage etc. myself.
At https://blog.frehi.be/2023/04/23/the-security-risks-of-flathub/ someone has published an article about Flathub in which he addresses a few problems.
Therefore, the answer is that Flathub is not always safe to use. However, I do not know of any package source that is always safe to use. Is Flathub more insecure than other package sources? I can’t answer that because I don’t use solutions like Flatpak, AppImage etc. myself.
I can: yes, Flathub is more unsafe than package managers that actually verify all packages signatures after they download software.