I can’t say I’ve ever actually witnessed those things presenting as a problem on my system, personally.
One advantage (imo) of flatpak over the AUR at least, is that flatpaks can have a verified status, which makes them as safe as using a distro package (sometimes more so, since they can be sandboxed), where as each AUR package should be manually inspected to avoid the potential for malware, as recently occurred on there. Without knowledge on what to look for in an AUR build script, it can be a potentially unsafe source.
Debian + Verified flatpaks offers good security for the widest range of packages for the least effort, at least in my experience.
I can’t say I’ve ever actually witnessed those things presenting as a problem on my system, personally.
One advantage (imo) of flatpak over the AUR at least, is that flatpaks can have a verified status, which makes them as safe as using a distro package (sometimes more so, since they can be sandboxed), where as each AUR package should be manually inspected to avoid the potential for malware, as recently occurred on there. Without knowledge on what to look for in an AUR build script, it can be a potentially unsafe source.
Debian + Verified flatpaks offers good security for the widest range of packages for the least effort, at least in my experience.