First, a school network is not a public network and it can run any policy it wants, including intercepting and monitoring traffic. You don't have to sign anything, using the network is implicit consent to the rules it is run by. The only legal requirement in my country (so your laws may differ) is disclosure of those rules, you must be able to look them up somewhere.
Second, regarding danger. The danger is exactly equivalent of the lowest security among the machine(s) that have a copy of the school root certificate (the private key part). If any of them gets compromised and the attacker gets a copy, he can do everything the school does, including interception and manipulation of traffic. If the school rates that as "low", then it assumes that users of the network don't do anything of personal importance, like online banking.