Don't we all do that? We install code from github, we run curl commands and pipe them through bash, we use apt or yum. How many people actually look at the code?
True, though to some extent I'd expect the moderation and reviews of people on Github or apt would be stronger than that of the average wordpress user.