I'll go with number 3. She didn't just say "don't run", she said "uninstall". That doesn't sound like "misleading" or "uses too much resources". It sounds very CVE-ish.
That's what it smells like but this is still a weird way to disclose something like that. I imagine some people with free afternoons are taking a stab at auditing atop's PR history right now. I'm not personally up to the task, but the fact that the top 3 contributors other than the original author are ByteDance employees might cause some to jump to conclusions.
Does atop have any legitimate need to connect to the network? I can’t think of any legitimate accidental security holes that might show up in something like atop, but then, these utilities often have funky features I don’t know about!