Security is always a valid concern, and as you say it’s never 100%. But again, if you wanted LAN users to be able to change their passwords, there were already other solutions for that–the stock Nethserver installation gives that capability. But that capability, at the time I wrote this, existed only in the server-manager (Cockpit wasn’t the norm at the time), which is going to be accessible from the LAN in any event. But if I wanted remote users to be able to change their passwords, that meant I had to expose the server-manager to the whole Internet, which (in the interests of security) I didn’t want to do.
If you want local users to be able to change their passwords, I really don’t see any reason to install this–they can already do it through Cockpit. And today, I don’t know that there’s much point in this module even for remote users–Cockpit now allows remote users to change their passwords without exposing the rest of the system to the Internet.