I would have added a warning pre sudo call detailing the location of sudobin if it's different from /usr/bin/sudo

Why? We don't do it with any other commands.

Because changing yay's sudo bin and flags can potentially allow the execution of other commands as root.
If we can't prevent it, at least a small warning would be nice.

I guess. But a malicious program could instead change pacmanbin to a script that prompts you for your password or makes a call to sudo. It could also place a sudo binary somewhere in home and add it to path. Hell it could probably redirect all your input to a file or log your keys.

So I don't really think sudo specifically makes it any less secure.

But a malicious program could instead change pacmanbin to a script that prompts you for your password or makes a call to sudo

Kind of in a different issue., since the "solution" would be to print all commands executed or do the same for pacmanbin and print when it's altered from /usr/bin/pacman

It could also place a sudo binary somewhere in home and add it to path. Hell it could probably redirect all your input to a file or log your keys.

Yes, then it would be different from /usr/bin/sudo and be printed.

The objective is not to impede user action, just inform

Surely you would have to impede the user though by adding a prompt. Otherwise you're adding a warning but still calling the potentially malicious script right after.

In case of sudo commands (without NOPASSWD) or malicious sudo asking for a password, it will be prompting right below for said password.

In this scenario you're assuming user level is already compromised so executing a malicious script just in the user directories would be out of scope already.

Isn't the entire point of the warning for the case there's a malicious script? Anyway my point is the entire thing is out of scope.