They’re referring to Firefox forks which are available only in the AUR and not from the main repos. In that case there can be a level of risk, but you can manually review the PKGBUILD of whatever package you end up installing to verify that it’s not doing anything fishy when pulling sources.

Apart from that, you may also want to look into potentially installing a Flatpak. This still comes with some risk if it’s not official (packaged and published by the original devs), but AFAIK there’s at least some sort of vetting process for packages to be accepted into Flathub.

Odds are, it’s usually the opposite because they’re insecure and can’t handle when people do things differently from them.

If this isn’t projection then I don’t know what is.