I'm happy with trusting that active members will post non-malicious DLLs. I also believe it would be completely fair to force submitting source code to the repository for a trusted person(s) to review the source code and compile. I think the Outpost Universe community as a whole takes some implied responsibility for DLLs placed within the official download even though this is all unofficial fan modifications. Just wanted to bring it up.
I personally agree with the stance that anything we are distributing as part of the "official" download should have source available, or at the very least we should probably inspect the compiled code in IDA to ensure that the mission isn't doing anything it shouldn't be.
Arklon and I have actually reverse engineered some missions such as Swarm back to source because we wanted to try to hack on the mission somewhat and the source code was unavailable (this is a problem with any unofficial missions, people post a compiled DLL and then disappear, source nowhere to be found). We've also talked about reverse engineering the campaign missions and colony games to source so people can see how they work, though this is a lot of work and unlikely to happen soon.
One impetus for the Python mission support I was working on was this specific reason, the Python source *is* the mission so one can trivially verify the mission isn't doing anything it shouldn't. In addition, we can sandbox the Python interpreter so that missions can't do operations such as reading/writing files, network activity, starting processes etc.
As an aside, if we are particularly worried about security, we should probably audit techtrees and map files as well (IIRC in the techtree parsing code, there are unchecked reads into fixed length buffers and I believe Hooman did a PoC showing that a malicious techtree can smash the stack and execute arbitrary code).
I don't think Flashy visits the forum much anymore, but his scenario 5P, SRV, Danger Zone is really well polished, challenging (at least for me), and cooperative. I think it would be worth adding to the next release.
I have played through 4P, SRV, Caught In The Crossfire a couple of times with others. I think it would be good to include in the official release as well.
Agreed, I think we should include as much user-created content as we can, assuming it is in a reasonably finished state and is playable.