I’m not very security conscious, but this is a kernel extension that is possibly not open-source. I say possibly because the Github page and an older blog post are both 404:
I imagine this was open-source at one point and then it became closed-source?
I don’t know if it was ever open source, but I personally don’t have any reason not to trust the author:
It’s modeled after Little Snitch, which is also closed source and is rather popular. I imagine Zdziarski made an initial open source version, got a strong positive reaction to it, and decided he could spend more time polishing it up to sell as a product.