As noted already, this has actually been discussed within the Team.
One of the main stumbling blocks is the usage of beta-test repos by developers, most commonly (but not exclusively) skin developers. The addon/skin is developed and tested in one repo, and then once it is proven ready it is submitted into the official repo. If we had the requirement for only updating from the repo where the addon was installed from, then people would end up with parallel installs of beta and release versions, which is a recipe for disaster.
It should also be highlighted that the version of Kodi that we ship explicitly has installation from third-party repos disabled by default. It has to be enabled by the user, including a pop-up indicating the potential risks in doing so and an acknowledgement that they accept that risk. So by default the described risk is not present, as the only source is the official repo and we control what is accepted into that.
This is also why we dislike "meta" repos, and have the most common of them as part of our banned addons (wiki) list. Not just through their frequent violation of our piracy policy (wiki), but for their often lax attitude towards inclusion of forked higher-numbered versions of even legitimate addons. It does of course apply to any third-party repo potentially, but those large meta-repos are the largest risk.
In the end we try to look after the general user base by curating the official repo and disabling third-party ones. For more advanced users (or those who think they are) who make use of third-party repos, it is their responsibility to ensure that what they install is trustworthy, and they are also responsible for any outcome that may happen if they don't make any effort to check things and just randomly install stuff from anywhere.
A couple of my blog posts (links in my sig) are on this very topic, as are a few older ones from other team members.