I think this is roughly correct. There is already a trend in many companies toward actively eliminating or minimizing external open source dependencies in their code bases for supply chain reliability and security reasons. Adding significant new liabilities to the use of external open source dependencies will only encourage this trend.
At the very least, I think it will have a chilling effect on the production and use of open source.