Automatically improved by each user? I would argue not. Robot Framework does store store any of your data anywhere so whatever credentials or information you use is yours and only yours. Of course don’t log it out to some file somewhere although that would not be the fault of RF, that’s just a user mistake.
But any merge requests or pull requests to contribute or enhance RF are also peer reviewed and subjected to Committer eyeballs. That’s no different than Closed source software. Also, it’s well known, and I guess documented if you search around the web, that Open Source software in general is more secure than Closed source software precisely b/c more eyeballs can take a look at it.
Community created code contributed to RF is not just automagically accepted and merged in.