In the DeFi ecosystem, the most famous maxim is "Lego Money": protocols are built by snapping together other protocols. This is a very fresh approach, but before interacting with external dApps you must keep in mind that every integration adds a point of failure to your own dApp, because your contract now trusts code, state and liveness that you do not control.
Let's consider three levels of dependence on external integrations:
Low Dependence: The integration can be considered secure because the core of the dApp keeps working even if the external contract fails or misbehaves.
Mid Dependence: The integration can be regarded as mostly safe, but external factors and unpredictable bugs in the integrated contract can still put the core of the dApp at risk.
High Dependence: The integration must be considered high risk because the core of the dApp is entirely susceptible to failure of the external integration.
A low dependence example is Uniswap:
Uniswap is integrated with every ERC20 contract that has a pool, but by design a broken or malicious token can only affect its own pool; it cannot compromise the Uniswap core or the other pools, even if the token contract is killed (self-destructed).
A mid dependence example is Balancer:
Balancer is likewise integrated with every ERC20 contract that is added to a pool, but because its pool math assumes standard token behaviour, a token that deviates from that behaviour can compromise the security of the pool it is in.
High dependence examples are Synthetix, MakerDAO and Compound:
Synthetix logic is highly dependent on Chainlink oracles to feed prices for the integrated assets. A wrong price, or a failure of the Chainlink network itself, can actively compromise all of the core math.
Compound and MakerDAO are highly dependent on the price of the assets they accept as collateral; if the custodian behind WBTC, USDC or USDT fails and the asset's price crashes, the entire system can crash with it.
The best practice in terms of Lego Money is to integrate external dApps according to the level of dependence you take on:
Low dependence: No risks. Any dApp can be integrated.
Mid dependence: Some risks. Whitelist the dApps (or tokens) you integrate, or fix the specific issue that makes the integration unsafe.
High dependence: Many risks. Integrate only with decentralized dApps that have no external dependencies of their own and that have been live on mainnet for at least one year.
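As an added illustration (not code from the page or from any of the protocols named above), the hypothetical vault below shows the two controls the list calls for: a whitelist of external token contracts for the mid dependence case, and a liveness check on the price oracle for the high dependence case, so the core math never runs on a price that the oracle has stopped refreshing. The Chainlink `latestRoundData` signature is real; the contract, its names and the one-hour staleness limit are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Matches Chainlink's AggregatorV3Interface.latestRoundData (real signature).
interface AggregatorV3Interface {
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
    function balanceOf(address account) external view returns (uint256);
}

// Hypothetical vault (example only) demonstrating a responsible integration mindset:
//  1. mid dependence  -> only whitelisted tokens are accepted, and their transfers are verified;
//  2. high dependence -> prices are only used while the oracle is demonstrably alive.
contract GuardedVault {
    address public immutable owner;
    uint256 public constant MAX_PRICE_AGE = 1 hours; // assumption: tolerate at most one hour of staleness

    mapping(address => bool) public allowedToken;
    mapping(address => AggregatorV3Interface) public feedOf;
    mapping(address => mapping(address => uint256)) public deposits; // user => token => amount

    event TokenDelisted(address indexed token, string reason);

    constructor() { owner = msg.sender; }

    modifier onlyOwner() { require(msg.sender == owner, "not owner"); _; }

    // Mid dependence: a token gets in only after review, together with the feed that prices it.
    function allowToken(address token, address feed) external onlyOwner {
        allowedToken[token] = true;
        feedOf[token] = AggregatorV3Interface(feed);
    }

    // High dependence: refuse to compute with a price the oracle has not refreshed recently.
    function safePrice(address token) public view returns (uint256) {
        (uint80 roundId, int256 answer, , uint256 updatedAt, uint80 answeredInRound) =
            feedOf[token].latestRoundData();
        require(answer > 0, "oracle: non-positive price");
        require(updatedAt != 0 && block.timestamp - updatedAt <= MAX_PRICE_AGE, "oracle: stale price");
        require(answeredInRound >= roundId, "oracle: incomplete round");
        return uint256(answer);
    }

    function deposit(address token, uint256 amount) external {
        require(allowedToken[token], "token not whitelisted");
        // Measure what actually arrived instead of trusting the requested amount, so a token
        // with non-standard transfer behaviour (e.g. fee-on-transfer) cannot corrupt the accounting.
        uint256 before = IERC20(token).balanceOf(address(this));
        require(IERC20(token).transferFrom(msg.sender, address(this), amount), "transferFrom failed");
        uint256 received = IERC20(token).balanceOf(address(this)) - before;
        require(received == amount, "non-standard token transfer");
        deposits[msg.sender][token] += received;
    }

    // Collateral value in the feed's units. Reverts, rather than computing with bad data,
    // if the feed is stale or dead.
    function collateralValue(address user, address token) external view returns (uint256) {
        return deposits[user][token] * safePrice(token);
    }

    // Circuit breaker: anyone can delist a token whose oracle reverts or has gone stale,
    // limiting the blast radius of an external failure to that one integration.
    function delistIfOracleDead(address token) external {
        try feedOf[token].latestRoundData() returns (uint80, int256, uint256, uint256 updatedAt, uint80) {
            if (block.timestamp - updatedAt > MAX_PRICE_AGE) {
                allowedToken[token] = false;
                emit TokenDelisted(token, "stale oracle");
            }
        } catch {
            allowedToken[token] = false;
            emit TokenDelisted(token, "oracle reverted");
        }
    }
}
```

The whitelist plus the balance-delta check covers the Balancer-style risk (a token whose behaviour the pool math did not anticipate), while `safePrice` and `delistIfOracleDead` cover the Synthetix/Compound-style risk (an oracle or custodian failure feeding garbage into the core math). Note that tokens whose `transferFrom` returns no value would revert through this `IERC20` interface; a production contract would wrap the call in a SafeERC20-style low-level call before whitelisting such a token.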
Even though it is unpopular in the DeFi ecosystem, a Responsible Integration Mindset is highly recommended to mitigate the risk of a future domino scenario, in which the failure of one external dApp cascades into every dApp that depends on it.