Oddbean new post about | logout
 The risk is much smaller than using a third party F-Droid client like Neo Store as I outline in the post.

However, it is still best security practice to not introduce a third party when the side-load apk release is only made available by the dev on F-Droid. 

Hence, I side with the recommendation of PrivacyGuides and modern security best practices in recommending F-Droid Basic if the dev officially releases the apk on F-Droid and it is not available on their website or git.