Further to this excellent answer here by Irfan Latif ("How Magisk works?") and considering that Magisk modules need not be open sourced ("Are all Magisk Modules Open Source?"), the question is:
Do they pose a privacy risk?
(Risk as defined here)
I guess the answer is yes; for instance, a battery performance module needs to know the device identifiers to tune the parameters (Lspeed d, FDE etc.), but I wanted to be sure.
And if so, what can one do to protect privacy - outside of not using them? :(
Note: Some modules like Lspeed create an app too, but restricting the app using XPrivacyLua seems pointless if the module itself is a risk.