AUR web interface

FS#10298 - "Trusted" AUR packages

Attached to Project: AUR web interface
Opened by Geoffroy Carrier (gcarrier) - Sunday, 27 April 2008, 18:47 GMT
Last edited by Callan Barrett (wizzomafizzo) - Thursday, 29 May 2008, 09:45 GMT
Task Type: Feature Request
Category: Backend
Status: Closed
Assigned To: No-one
Architecture: All
Severity: Very Low
Priority: Normal
Reported Version: 1.5.1
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 100%
Votes: 0
Private: No

Details

I'm proposing some kind of "safe" state for AUR packages.

A few packages can't be released into community because of licensing issues.
A few packages don't even have enough votes for it but could deserve this state.

The idea would be for such packages to be shown as "safe" on AUR's website and yaourt.

That would for example mean that a sysadmin wouldn't have to check the PKGBUILD nor confirm anything in yaourt to install them, and could rely on it directly.
That wouldn't mean that the upstream program is safe, only that the PKGBUILD is not malicious.
Some proposed on IRC to use the # of votes for that, but a package can be changed and turn malicious while keeping its votes.

Packages could only be trusted "safe" by TUs (or any other new role) and would lose this "safe" state on any change. Or this state could be reserved to packages maintained by TUs (or any other new role).

I come from the Debian world and think that safety is an important point. My opinion is that Archlinux should put an emphasis on "warranties" (not the legal meaning, but some "moral" meaning).

As always, my English is far from perfect and I thank you for trying to understand me ;)
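The proposal above hinges on one mechanical detail: a "safe" mark must be bound to the PKGBUILD content, so that any change invalidates it, whereas a vote count sticks to the package name and survives a malicious edit. The following is an added example illustrating that distinction; it is not code from the AUR web interface or from anyone in this thread. The registry class, its method names, the "quorum" parameter, the TU names and the sample PKGBUILD text are all constructed for illustration.

```python
"""Added example (not AUR code): a 'safe' mark bound to a PKGBUILD digest.

A mark records who vouched for *which exact content*. Checking the mark
against the current PKGBUILD text means any edit, benign or malicious,
silently drops the package back to "unmarked", which is the behaviour the
bug report asks for. Names below are hypothetical.
"""
import hashlib
from dataclasses import dataclass, field

# Constructed sample PKGBUILD; not a real AUR package.
PKGBUILD_V1 = """pkgname=example
pkgver=1.0
pkgrel=1
source=("https://example.invalid/example-1.0.tar.gz")
sha256sums=('0000000000000000000000000000000000000000000000000000000000000000')
build() {
  make
}
"""

# The same package after a hostile edit. A vote count would survive this
# change unchanged; a content-bound mark must not.
PKGBUILD_V2 = PKGBUILD_V1.replace("  make\n", "  make\n  rm -rf ~/.ssh\n")


def pkgbuild_digest(text: str) -> str:
    """SHA-256 over the PKGBUILD text with trailing whitespace stripped,
    so cosmetic whitespace churn does not count as a change but any edit
    to the actual content does."""
    normalized = "\n".join(line.rstrip() for line in text.splitlines())
    return hashlib.sha256(normalized.encode()).hexdigest()


@dataclass
class SafeMark:
    package: str
    digest: str       # digest of the exact PKGBUILD the TU inspected
    marked_by: str    # hypothetical TU account name


@dataclass
class TrustRegistry:
    trusted_users: set[str]
    marks: dict[str, list[SafeMark]] = field(default_factory=dict)

    def mark_safe(self, package: str, pkgbuild: str, user: str) -> SafeMark:
        """Only accounts in the trusted role may vouch for a PKGBUILD."""
        if user not in self.trusted_users:
            raise PermissionError(f"{user} may not mark packages safe")
        mark = SafeMark(package, pkgbuild_digest(pkgbuild), user)
        self.marks.setdefault(package, []).append(mark)
        return mark

    def safe_marks_for(self, package: str, pkgbuild: str) -> list[str]:
        """TUs whose mark matches the *current* PKGBUILD content.
        Marks made against an older revision are simply not counted."""
        current = pkgbuild_digest(pkgbuild)
        return [m.marked_by for m in self.marks.get(package, [])
                if m.digest == current]

    def is_safe(self, package: str, pkgbuild: str, quorum: int = 1) -> bool:
        """'Y TUs marked this exact version safe' with a configurable quorum."""
        return len(self.safe_marks_for(package, pkgbuild)) >= quorum


def demo() -> dict:
    """Two TUs vouch for v1; the edited v2 carries none of their marks."""
    reg = TrustRegistry(trusted_users={"tu_alice", "tu_bob"})
    reg.mark_safe("example", PKGBUILD_V1, "tu_alice")
    reg.mark_safe("example", PKGBUILD_V1, "tu_bob")
    return {
        "v1_safe": reg.is_safe("example", PKGBUILD_V1, quorum=2),
        "v1_marks": reg.safe_marks_for("example", PKGBUILD_V1),
        "v2_safe": reg.is_safe("example", PKGBUILD_V2),
        "v2_marks": reg.safe_marks_for("example", PKGBUILD_V2),
    }


if __name__ == "__main__":
    print(demo())
```

The point of binding to a digest rather than to a version string is that a maintainer can push a new PKGBUILD without bumping pkgver or pkgrel; the digest catches that, a version label would not. Whether the state is then re-earned by a TU or the package is pinned to TU maintainers is the policy question the rest of the thread argues about.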
Closed by Callan Barrett (wizzomafizzo)
Thursday, 29 May 2008, 09:45 GMT
Reason for closing: Won't fix
Comment by Geoffroy Carrier (gcarrier) - Sunday, 27 April 2008, 18:49 GMT
This flag seems to exist already. I didn't find any documentation, maybe it needs more attention?
Comment by Gavin Bisesi (Daenyth) - Sunday, 27 April 2008, 18:50 GMT
We already have a way of marking this, but it's not much used. I would second adding a new class, below TUs, who can mark packages as safe. I think also that safe marking shouldn't be binary, but rather, "For version X of package Foo, Y TUs marked it safe"
Comment by Corrado Primier (bardo) - Sunday, 27 April 2008, 22:06 GMT
This is what we (happily, I have to say) removed with the latest AUR release. Safe flagging has always been a pain: it's incredibly time consuming (every day tens if not hundreds of packages are updated) and there are very few people who can work on this. Arch has a continuously growing user base, but the dev/TU number has been quite stable for some time and the workload for us keeps increasing. Moreover, the average package quality is not very high: a vast majority of the builds don't respect the current standards and many are broken, yet they could still be marked 'safe'. People would then come complaining to us because the package doesn't work, but they don't realize that AUR *really* means 'unsupported'.

In short: wanna help? Apply for becoming a TU. When we will be enough to keep up with it without going crazy, then we will talk about adding new features that require extra work for us.

@Daenyth: devs and TUs are entirely different entities, there's no hierarchy and that's on purpose. Arch strives to reduce bureaucracy and verticalization to the bare minimum, and you can be sure that such a proposal will be rejected by almost everyone because the Arch Way focuses on the KISS philosophy...
Comment by Gavin Bisesi (Daenyth) - Sunday, 27 April 2008, 22:20 GMT
Thanks for clearing that up bardo. If that wouldn't work, then I think the next best thing would be to allow AUR users to have reporting abilities. (Perhaps with different abilities for user groups, but not necessarily)

What I mean is that when an AUR user visits the page for a PKGBUILD, he has some additional buttons to use in addition to "Flag out of date"
* Mark as dangerous (PKGBUILD contains overt or subtle malicious code: forkbombs, "rm"s, etc)
* Mark as poorly formatted (PKGBUILD does not comply with Arch packaging standards)
* Mark as broken (PKGBUILD does not compile or the compiled package does not work as advertised)

And a display:
X users marked this PKGBUILD {dangerous,broken,malicious,outofdate}. Most recent flag: foodate at bartime
Comment by Geoffroy Carrier (gcarrier) - Sunday, 27 April 2008, 22:56 GMT
I love Daenyth's idea of user-based multi-criteria evaluation of packages. Can we envisage that in AUR2?

The criteria would need to be discussed and the choice may not be easy. Some considerations though:
* I used "out-of-date" for broken packages (as it's often due to changes in other packages). I think that "out-of-date" could be replaced in my use by "older than upstream" (terms to find) AND "broken".
* I'd like to know if dangerous packages happen often. Maybe every package reported dangerous would need to be inspected by a TU (and deleted if necessary).
* I think being able to report Safe would be great. Then "dangerous"/"safe" votes could result in a karma.

@bardo: I've been thinking about it for the last few days and I'll take you at your word. I'd like to spend more time on Archlinux and will soon submit my candidature for TU. I have a draft ready in my mailer and just want to speak with a (ex-)TU first, and make sure I would do useful work (considering I have a lot to learn).
Comment by Callan Barrett (wizzomafizzo) - Sunday, 04 May 2008, 17:15 GMT
I don't think any of this is necessary. We got rid of safe flags because they were basically useless busy work for Trusted Users and nothing more than a popularity contest for users. Think of it like this: if a PKGBUILD is dangerous you inform a TU to get it deleted. I've never heard of a case of a malicious PKGBUILD, and if it does ever happen there are forums, email, IRC and mailing lists, all of which you can use to tell a Trusted User. If a PKGBUILD is broken you tell the maintainer; if they can't be contacted you ask to get it orphaned so you can adopt it and fix it. If a PKGBUILD is formatted incorrectly you simply write a comment, because the format of a PKGBUILD isn't really that high a priority. I think we're just falling back into a popularity contest with this stuff, especially the idea of karma.

If you want to help out the community by cleaning up the AUR you should apply to become a TU, there can always be more TUs.