I believe the main issue is that adding apps to the repository is a complex process. A lot of apps in Izzy’s or other repositories get added to the F-Droid repo later.
I meant this in a very theoretical sense. I’m sure none of the repositories on the list of known repos contain malware.
As long as you don’t add random repos that you find elsewhere on the web you’ll be fine. Or if you do find a repo that interests you ask other people here if they think it’s trustworthy.
I don’t think so. 