Hello @xerxes1511 and welcome to the community. You should take the time to check ask.fedoraproject.org, there may be discussion in your native language there already on these topics.
In the mean time, I will try to answer your questions a well as I am able.
As far as I know, the fedora faltpak repo is updated on the same cycle as the fedora releases, and they are adding content it seems every cycle. Flatpak repos are dependant upon the repositiories the original RPM comes from being updated as well, so fedora can only control what comes from their own upstream sources.
I don’t use chrome, but there are several discussions about using it with Silverblue both on the forum and the ask.fedoraproject.org forum, please search them out for your benefit.
I find at this time for me, I need to enable the Flathub repo in order to use certain software I need that Fedora doesn’t package within their flatpak repo. I don’t consider Flathub to be any different or less secure than enabling the rpm-fusion or rpm-fusion-nonfree repos in normal Fedora Workstation.
Just like with a normal Fedora Workstation, you can enable other repos than the default one(s). The differences can be found with how it is done. On a standard WS variant Fedora system, you would use DNF to enable repos and install packages from them. On Silverblue you must use rpm-ostree (
sudo ostree remote add <name> <repo url>, which is built from libostree (also used in flatpaks), and adds the ability to layer system level packages onto the immutable image Fedora provides for said particular release of Silverblue. As for the repo’s themselves, if they are an official Fedora repo, they will be tested for vunerabilities and usability in the system build/test quality checks in Fedora’s usual fashion, third party repos are not controlled by Fedora so you would need to ask their dev’s /packagers what they do to ensure such conformance.