To update separately use:
sudo pacman -Syu
for updating from the normal repos, and:
for updating the AUR packages only.
I will point out that yay on its own can update everything in one go, if that is your wish. I tend to do them separately myself, as pacman updates tend to be daily (more or less) and AUR updates are more likely to be after a week or so…
As for the security and timeliness of AUR packages - normally they are pretty good - but it never hurts to research a bit further. Something like LibreWolf is widely used, and problems would be quick to surface if experienced. A rough guide to that is found in the “Votes” and “Popularity” columns shown when looking up a package on the AUR (preferably before installing). Asking also works pretty well!