* Add --batch, since gpg is run in a script.
* Add --no-armor (this is the default). Armored output provides no benifit here.
* Add --no-include-key-block (this is the default). There is no need to have the gpg key in the signature. The mkinitcpio hook will verify the signature against the included keyring.

Remove the output files before running gpg. Otherwise gpg --batch will fail if they exist.