eschwartz [1] filed a deletion request for zsh-theme-powerlevel10k-git [2]: This package contains a mysterious binary not present in the source code nor built in the PKGBUILD: zsh-theme-powerlevel10k-git E: ELF file ('usr/share/zsh-theme- powerlevel10k/gitstatus/usrbin/gitstatusd-linux-x86_64') found in an 'any' package. zsh-theme-powerlevel10k-git E: ELF file ('usr/share/zsh-theme- powerlevel10k/gitstatus/usrbin/gitstatusd-linux-x86_64') outside of a valid path. And as noted by namcap, it's being installed by a PKGBUILD which claims it is an "any" package, which violates https://wiki.archlinux.org/title/PKGBUILD#arch A bit of digging around in the build process shows this is downloaded over the network during the build by: https://github.com/romkatv/powerlevel10k/blob/master/gitstatus/Makefile#L38 https://github.com/romkatv/powerlevel10k/blob/master/gitstatus/install rather than being built from source... the resulting binary is unverifiable (and doesn't follow site policy for build flags including e.g. security flags) and as such would need to be part of a correctly disclaimed "zsh-theme-powerlevel10k-bin" or "zsh-theme- powerlevel10k-bin-git" package. [1] https://aur.archlinux.org/account/eschwartz/ [2] https://aur.archlinux.org/pkgbase/zsh-theme-powerlevel10k-git/