Well, technically, I trust the Debian developers to do that for me. And I verified that they have approved of the software automatically, by checking their signatures on the Release file, which contains the hashes of the packages.
If I have the option to, yes. Or rather I take much less care to actually read the code when I am installing a package out of the Debian repo's. Otherwise, I at least try to review what the heck that I am installing, especially on my own machine.
