These instructions and scripts are meant as a training class for Linux+.
As this is an entry-level Unix / Linux course, security is not a main concern. It plays a role for sure, but most of the things happening are meant to have students get some Linux practice.
So, no need to report any security findings, unless you see me tell them something horribly bad. ;)