This is naive. Of course they would not do the obvious. But for a group of knowledgeable persons it is easy to implement some "errors" that go unnoticed long enough to inflict serious damage.
Only a tiny fraction of all bitcoin users is able to understand the source code. And of this tiny fraction only a few actually verify it.
Sorry, but this is retarded. First of all, what exactly is it you think they can do that will go unnoticed? 'Cause if it's not changing how addresses are created (in order to make them easier to brute force), and if it's not minting extra money... what the fuck exactly do you think they could do?
Now, there ARE some things I can think of (which I'm not mentioning because I want to see if YOU can), but let's say they DO secretly add them. It doesn't matter if most of the community doesn't notice, because all it takes is ONE PERSON noticing and posting about it. Giant errors like that get found fast not because everybody can read code, but because all it takes is ONE PERSON reading it. Because that one person then goes and TELLS PEOPLE. So your big worry can completely be mitigated by simply waiting a month or two after new releases before you update. BAM, problem solved.