F-Droid build APKs themselves from source, so presumably 0, as they don't allow APKs to be uploaded.
F-Droid does do some safety checks themselves already too, I don't know exactly what.
Edit: Perhaps I am mistaken... but I think the linked post was referring to users adding additional repos to the F-Droid store, not the default F-Droid repo??
The objective with adding a third party repository key IIUC, would be to not need to prompt about installing from unauthenticated sources if they're installing from a third-party repo; so the fdroid key for the APKs that they or a CDN host would be verifiable.
It would be good to scan the sources with SAST and DAST and scan the APKs once they're built too.