To clarify, on the Q2 docs we are advised that using pre-trained feature classifiers pose a security risk unless we know the source. Does this apply to the pre-trained classifiers on the Q2 website? Or only the ones that we might obtain from a third party on the forum?
It applies to all feature classifiers that you did not train yourself. This includes the ones on docs.qiime2.org, technically. The reason for the warning is that the nature of the pre-trained classifiers exposes you, the end user, to the execution of what is essentially "random" code (the pre-trained classifier).
To learn a bit more about why this is a security consideration, please check out this resource from scikit-learn, the tool underpinning the pre-trained feature classifiers: