No, their client only connects to their own server by default and the server crawls relays and caches notes. I assume they verify signatures there.
The problem is that Primal controls the server, so they could fake notes from anyone.