In general, it's safe to consume publcally exposed interfaces. Episerver Forms also supports sematic versioning. So as long as there isn't a major version change in Forms there should be no breaking changes.
This post describes our approach to our public APIs: http://world.episerver.com/blogs/Henrik-Nystrom/Dates/2016/10/introducing-changes-to-reduce-our-public-api/
This is further Form documentation (you may not have seen): http://world.episerver.com/documentation/developer-guides/forms/
Also see the Versioning section for our approach to sematic versioning: https://world.episerver.com/articles/Items/EPiServer-Continuous-Release-Process/
Thanks to both of you. I had been able to discern most of the technical "how" by examining the object model browser and examples -- and Marija, the post on your blog is very similar to what I am trying to do in querying the IFormsRepository for specific submissions by specific users.
But my biggest concern was, unlike the public API for the CMS which has its available class library fully documented at http://world.episerver.com/documentation/class-libraries/cms/, the Forms class libraries don't seem to have equivalent published information to validate that it was "Ok" or "Safe" to use for production deployment. But I think David's link (http://world.episerver.com/blogs/Henrik-Nystrom/Dates/2016/10/introducing-changes-to-reduce-our-public-api/) to the description of semantic namespacing is the answer I need. I can see that the current version of Forms follows this naming with Internal namespaces versus clearly public interfaces, so I think I have the assurance I need to continue.
we have epiforms installed, and I can see that there is a FormRepository service registered with a publicly exposed API, but I do not see any official documentation on using that service or the object models it returns. Are these interfaces safe to consume within our epi project, or since they are not documented, are they considered subject to breaking changes in future versions?