It means it’s what we in the trade call “a nothingburger”. On Windows you need to explicitly install a malicious driver (which in turn requires to you to disable signature verification), on Linux you’d have to load a malicious kernel module (which requires pasting commands as root, and it would probably be proprietary since it has malware to hide and as every nvidia user knows, proprietary kernel modules break with kernel updates)
When they were installing the alarm at my house I noticed that the main guy had nextcloud on his phone and it sparked a nice conversation about privacy. He has no technical background but managed to self-host it on his old laptop with one of those distros that have an easy UI for self-hosting (don’t remember which one exactly). He’s a pretty cool guy.