Sure, and if it's nicely sandboxed away and running in a bubble then it's perfect, if however it requires hooks into the system, which is the current paradigm, then they can't cover all cases. What if you have a custom bash profile and it kills it? Or some mix of packages throws a curve ball? At the end of the day you should know your system and requirements more than a faraway team, which reduces the risk.