No company, including almighty, do-no-evil Google should be trusted this much.
It isn't just about trusting the CDN: relying on popular public static resources like this increases your vulnerability to DNS poisoning attacks.
If some malware manages to redirect requests for Google's static content servers to their servers they could inject a key-logger or username/password/credit-card info scanning code into every site (even small and/or low profile sites that would otherwise not be as likely to be targeted) using that as a source for libraries like jQuery that the infected users visit.
It isn't just about trusting the CDN: relying on popular public static resources like this increases your vulnerability to DNS poisoning attacks.
If some malware manages to redirect requests for Google's static content servers to their servers they could inject a key-logger or username/password/credit-card info scanning code into every site (even small and/or low profile sites that would otherwise not be as likely to be targeted) using that as a source for libraries like jQuery that the infected users visit.