Greetings. The recommendation to read every and any AUR package before installing is certainly correct. Although it is also over my head because I would not have known of any of those malware attempts.
So out of desperation, I drafted a AUR package scanner wrapping YAY and scanning every AUR package with a Claude LLM before installing. Its a first POC and I know nothing, but maybe some find it useful and want to join. We are all affected so lets work on this together. https://github.com/manticore-projects/aurscan In my tests, the consumed Token cost around 3 cent per package. Money well spent. Best and cheers Andreas
