Won’t be safe until devs know what kind of security the switch eshop has in place for this kind of thing. May not see a “safe” solution for a very long time either. CDN downloading will get you banned no matter what, for now.
The eShop's security model has been published already, and it'll never be safe, full stop.
SciresM's writeup on the CDN implementation has everything you need to know about why it's never going to happen.
"Abridged" version: You need console-unique certificates to do
anything at all, and you need a "clean" (Read: Not banned) certificate to do anything that isn't downloading system and application updates.
No matter how innocuous you think you're being ("Oh, it's fine because I'm just downloading the content metadata, not the game itself! It's fine because I'm only downloading the
encrypted DLC, I'm not sending a ticket request that'd be denied anyways!", etc.),
everything you do is being logged on Nintendo's side. They know exactly who did it, which Nintendo Account was used, which Device did it, at what time, which title they attempted to request, and so on and on forth.
I apologize for sounding like a killjoy and a fearmonger, but I'm simply relaying what's already known for a fact and verified by multiple independent parties. This tool isn't just "risky", it's a surefire way to ensure your console is added to Ninty's next banwave.