Not that WordPress doesn't already require the ability for the server to write into a few directories, but requiring that the wordpress themes directory be server-writeable as well is a fairly bad idea. It's good practice to minimize the permissions that a webapp needs to run, and allowing a server process to inject arbitrary themes to a WordPress installation is just begging for trouble.
Installing the required themes manually is quite simple - I'd appreciate if the "hard" warnings thrown by the plugin would instead at least check for the presence of the themes it expects, and silence that alert if the themes are already manually installed. As it is, I've got to edit the plugin code to strip out those warnings once the themes are manually in place. I'm aware that updates would require manual syncing of those themes as well.