This does feel like something you should be able to toggle off. I can understand their security concerns, but I didn't switch to Firefox because I wanted less control/trust from my browser.
I'm generally fine with anything mozilla chooses to with firefox as long as we retain the ability to undo it, but it is something that should be watched closely given the power of the default.
The intent behind the feature is obviously to keep a list of known-bad domains there, to disable extensions Mozilla hasn't vetted as safe on said malicious domains.
If I had to guess, I'd say it'll be set to "" by default, unless you crank up some security setting to extra-paranoid, or, obviously, set it yourself.