
This is a fallacy though, unless you’re also code reviewing all of the Arch libraries you pull down.


I think the main add of distro repositories is the repo maintainers sit as a review step between you and the project updates on e.g. GitHub, not that it enables you to better audit the code yourself. I'm not sure it's really all that effective in practical terms though.


Distros raise the probability that something will get caught, but it’s only that - increasing your chances of not getting pwned… it’s still not bulletproof.



