
Can the "author" field on Nuget be spoofed? Can I trust the file's authenticity?


I'm browsing Nuget libraries from an author and see questionable content... something that doesn't have the same quality as some of the prior work I've seen.

How do I know that the author of a Nuget package is really that person?

Can I extend that trust into the built-in update process of Nuget?


Solution

  • The "author" is simply metadata that is included in the .nuspec file. See the nuspec reference (http://docs.nuget.org/docs/reference/nuspec-reference). This can be different from the package owner/creator.

    In the beginning when NuGet was starting out, there were a few people that were creating packages for projects that they didn't author mainly to get the package in the repository.

    Now that NuGet is more established, it is recommended that people contact the project owner and have them create their own NuGet package.

    For packages that have already been uploaded to the repository by someone other than the author, the author can request to have the ownership transferred to them.

    Since there's no guarantee that the package creator is the original author, I'm not sure how that affects trust. However, if you install a package, it is pretty safe to say that updates will either be from the same person that created the initial package, or potentially it will have transferred to the actual author of the project.

    In other words, trust will likely be the same or perhaps better (if actual author), but seldom worse than the original package you installed.

    Hope that helps.
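As an added example (not code from the question or the answer above), the script below builds a constructed .nupkg in memory and reads the self-declared metadata out of its .nuspec, which is what the answer means by "author is simply metadata": the package id, nuspec file name, schema namespace and the author/owner names are all assumptions made up for the sample, and a mismatch between the declared authors and owners is only a prompt to look closer, not evidence that anything was spoofed.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Constructed sample .nuspec: <authors> is free-form text typed by whoever
# built the package; nothing in the file itself proves who that person is.
SAMPLE_NUSPEC = """<?xml version="1.0"?>
<package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
  <metadata>
    <id>Example.Library</id>
    <version>1.2.3</version>
    <authors>Well Known Maintainer</authors>
    <owners>someone-else</owners>
    <description>Constructed sample for illustration only.</description>
  </metadata>
</package>
"""

def build_sample_nupkg() -> bytes:
    """Build an in-memory .nupkg (a zip archive with the .nuspec at its root)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("Example.Library.nuspec", SAMPLE_NUSPEC)
        zf.writestr("lib/net45/Example.Library.dll", b"placeholder, not a real assembly")
    return buf.getvalue()

def _local(tag: str) -> str:
    """Strip the XML namespace so the parser works across nuspec schema versions."""
    return tag.rsplit("}", 1)[-1]

def read_declared_metadata(nupkg_bytes: bytes) -> dict:
    """Return the self-declared <metadata> child elements of a .nupkg as a dict."""
    with zipfile.ZipFile(io.BytesIO(nupkg_bytes)) as zf:
        names = [n for n in zf.namelist() if n.lower().endswith(".nuspec") and "/" not in n]
        if len(names) != 1:
            raise ValueError(f"expected exactly one root .nuspec, found {names}")
        root = ET.fromstring(zf.read(names[0]))
    fields = {}
    for node in root.iter():
        if _local(node.tag) == "metadata":
            for elem in node:  # direct children: id, version, authors, owners, ...
                fields[_local(elem.tag)] = (elem.text or "").strip()
    return fields

def author_owner_mismatch(fields: dict) -> bool:
    """True when a declared author is not also a declared owner (a review flag only)."""
    authors = {a.strip() for a in fields.get("authors", "").split(",") if a.strip()}
    owners = {o.strip() for o in fields.get("owners", "").split(",") if o.strip()}
    return bool(authors) and not authors <= owners

if __name__ == "__main__":
    meta = read_declared_metadata(build_sample_nupkg())
    print(meta["authors"], "/", meta.get("owners"), "mismatch:", author_owner_mismatch(meta))
```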