Add-ons (regardless of author) are not audited by us. When it comes to code issues, it is generally down to when a claim is made and we investigate. You need to trust the author when installing any add-on.so what about those who may not have been part of past discussions?
those who may not have cruised the official xF forums and kept up?
those who may just browse resources, download and install those that look good & have good ratings?
put yourself in the xF customers shoes:
xF has yanked hundreds of addons, and the official announcement offers zero explanation or guidance to those in the community you claim to be acting in "the best interest of".
you've left a good chunk of your customers completely in the dark. even if your response is "we dont feel it necessary at this point to uninstall what you may have downloaded via xF.com up through this date", it would help.
The result here is from a combination of things, many of which have indeed been discussed elsewhere and the allegations can be reviewed there if you wish. The issues are mostly not code related.
Even in this case, very little code has been involved. I will say that the actions taken are not directly related to security concerns, but as we have not audited code, we could not explicitly say whether it is safe or not; this applies to any resource here.