Are Arch Community Packages safe from virus or malwares?

I am new on Linux ecosystem and have some confusions regarding the terminology that are being used. With that being said, my reason to switch to a Linux Distro from Windows because it provides a unified package manager from where I can download and install software, without needing to go on the web and find necessary ones. The distro I am currently using is Ubuntu 20.04.2.0, which is good, but the packages they provide are kind of old and I would not be complaining if they had at least provided the LTS version of the software. So, I recently came across Arch and Manjaro which are rolling release distros, but I am interested as it provides both the latest versions and LTS versions of the softwares. That is great. But, I am little worried because most of the software I use are in the Community Repo (Node JS, Dotnet Core and gh). And, here is quote from Arch documentation: > community contains packages that have been adopted by Trusted Users from the Arch User Repository. Some of these packages may eventually make the transition to the core or extra repositories as the developers consider them crucial to the distribution. It says "Trusted Users" (respect for them) pick the packages from the AUR to "Community Repo". From some online forums and articles, I learnt that it a good practice to avoid using AUR as it may cause unwanted things or even infect ones PC with viruses and malwares. Once again, I am a noob in Linux world and have absolutely no idea about Arch Linux and its derivatives. So, I wanted to know, is it safe to use packages from the Community Repo. Does the "Trusted Users" (maintainers of Community Repo) check for validity and security of the AURs that transition to the Community Repo?