is safe to allow sites to import sample data

My multisite is open to the public (or, it will be), allowing anybody in the world to create a site of their own. I would like to allow site owners access to WordPress importer plugin -- you know, the standard one from wordpress repository. However, I'm concerned about security. Would they be able to upload malicious code and destroy the world? Or at the very least, reap havoc on my website and community?

Please note that I do understand that nothing connected to the internet is 100% safe, and I am using the awesome Anti-Splog plugin, and I do plan to go through all the steps to beef up security on my Multisite network and web server.