It’s a very valid question in my opinion and as is often the case with security, it really depends on your individual threat model and threat tolerance. As you said it seems pretty unlikely that a maintainer would install malicious code as they have a reputation to protect. And as mentioned by another commenter, even if you compiled the code yourself, unless you can audit code yourself you still have to just trust the developers. Personally for my threat tolerance, I do not see the risk as big enough to warrant the extra effort.
Crazyfrog
joined 2 years ago
I have not properly tested it, however I had a look at their sample queries. One of which was Steve Jobs, the main thing I noticed was that three of the top 5-10 results were the Wikipedia page for Steve jobs but in different languages. I appreciate that Google isn’t great but it’s not bad enough to serve you the same page three times. I personally use searxng.