Current Best Practice: Flatpak or AUR?

Most of the time, there is no need to use Flatpak at all. Most software, especially if free and open source, is available on the AUR.

The AUR has the advantage that it is a fully transparent system. You build the package on your machine, so you can know where the software is sourced from and exactly what goes into the package. That’s very safe.

Flatpaks have two disadvantages: 1) they are statically linked (which means they 1a) take up a lot of disc space, and 1b) may contain older versions of dependencies which may have security flaws not yet fixed), and 2) you don’t know where the software is sourced from (you have to be very careful where you download the flatpak from, to make sure it’s a trustworthy source).

True, anyone can upload anything to the AUR, so if you are not careful, on very rare occasions, you can find something untrustworthy or even malicious there (usually, it is a malicious command in the PKGBUILD file). But if you’re careful and inspect the PKGBUILD file, that’s not a big concern.

9 Likes
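
Added example, not part of the original post: a shell helper for the PKGBUILD inspection the post recommends, which flags lines to read by hand before running makepkg. The `review_pkgbuild` and `check` names, the patterns and the sample PKGBUILD are constructed for illustration; the pattern list is an assumption, not a complete one, so an empty result is not proof that a package is safe.

```shell
#!/bin/sh
# Review aid for an AUR PKGBUILD: prints the lines a human should read first.
# Patterns are illustrative assumptions, not an authoritative list.

check() {  # check LABEL REGEX FILE -> "[LABEL] line N:text" per matching line
    grep -nE -- "$2" "$3" | sed "s/^/[$1] line /"
}

review_pkgbuild() {
    f=$1
    # A download piped straight into an interpreter runs unreviewed code.
    check 'pipe-to-shell' '(curl|wget)[^|]*[|][[:space:]]*(sudo[[:space:]]+)?(ba|z)?sh' "$f"
    # Sources fetched over unauthenticated transports can be altered in transit.
    check 'insecure-source' '(http|ftp|git)://' "$f"
    # SKIP disables the integrity check for that source entry.
    check 'checksum-skipped' 'sums(_[a-z0-9_]+)?=.*SKIP' "$f"
    # Encoded or dynamically evaluated commands hide what actually runs.
    check 'obfuscation' '(base64[[:space:]]+(-d|--decode)|eval[[:space:]])' "$f"
    # .install scriptlets run as root at install time; read that file too.
    check 'install-script' '^install=' "$f"
    return 0
}

# Constructed sample PKGBUILD (not a real package).
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
pkgname=example-tool
pkgver=1.0
pkgrel=1
arch=('x86_64')
source=("http://example.invalid/example-tool-$pkgver.tar.gz")
sha256sums=('SKIP')
install=example-tool.install

build() {
  cd "$srcdir/example-tool-$pkgver"
  make
}

package() {
  curl -s https://example.invalid/setup.sh | bash
  make DESTDIR="$pkgdir" install
}
EOF

review_pkgbuild "$SAMPLE"
```
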