You do not want to run NodeBB using sudo because this causes NodeBB to be run via the root user. This superuser has complete access to the entire system and should NodeBB ever become compromised, then a malicious user can utilise NodeBB as an attack vector to take over your system.
Secondary effects from running NodeBB under sudo include the changing of ownership of some files to root, which would complicate administration of your NodeBB further as future starts of NodeBB will fail with an EACCES error, simply because some files could not be written to, as they are now owned by root instead of the regular user!
Best practice security recommends running NodeBB with as few privileges as possible (ideally, nobody:nogroup), but practically an unprivileged user is perfectly fine.
By the way, this also means running NodeBB as a user that has sudo access is also insecure. Just some food for thought.