It would be very nice if F-Droid would make an official published and signed list of trusted third party F-Droid repositories with their name, link and fingerprint.
This list could then be referenced by the official client and warn (not block) the user if he tries to add a none approved repository.