Hi, you raise a very good point
I think it is upon every operator of the pool to ensure that they know what they are doing and realise that the tools are just that.
The tools are there to help with the mundane tasks, but you have to be 100% sure that they are not malicious. For that reason I personally prefer the step by step guides that describe what commands do what, rather than a tool that does everything automatically
The perfect fix for this is elusive as the more people create pools the better (good) but they can create pools that are insecure and as you can be compromised for a 51% attack (bad)
In part emurgo and other are solving for this by delegating their centralised stakes to community members that they see have credibility, so pushing the stake to the trusted members. But at the same time I think the node install process could be enhanced with official helper scripts, which they tools you refer to try to compensate. And option of a docker container to be run by more novice operators is an option, coincidently which iohk already maintain, but there the documentation could be improved a little.