f-droid implies

* that the application is source-available;

* toolchain used to build the app is FOSS - application does not use Play Services, or proprietary tracking/analytics, or proprietary ad libraries.

* application toolchain doesn't depend on "binary blobs";

Not even passing the sniff test on those easy to meet requirements is suspicious.