Hi! Right now Flathub has just one repository for all apps, both maintained by the apps authors and the maintained by community members.
Since when I install an app, I must already trust the author of the app, if I install an app delivered from the community I have to trust also the person who is packaging the app, introducing a new layer of security,
That is why I suggest to split the repository in two, like some distros do (In Arch for instance you can find core, extra, community, AUR, …): One repository only with apps packaged directly by the app creators, and other for the apps packaged by community members.
This way you can choose if you want to use one or both repositories, improving security and making users more conscious of the origin of the flatpak.