FYI FlatHub uses GitHub Actions, you can check how they build their apps and some of them support reproducible builds, just in case you want to verify GitHub isn't acting maliciously.
FlatHub and AUR can't really be compared in terms of security. Flatpak apps also don't modify the host OS, while AUR packages can.
Personally, I only trust distro packages and FlatHub.
@thegreybeardofthetree @pastermil @linux
FYI FlatHub uses GitHub Actions, you can check how they build their apps and some of them support reproducible builds, just in case you want to verify GitHub isn't acting maliciously.
FlatHub and AUR can't really be compared in terms of security. Flatpak apps also don't modify the host OS, while AUR packages can.
Personally, I only trust distro packages and FlatHub.