Closed ChaseKnowlden closed 2 weeks ago
@ChaseKnowlden, we already integrate with an internal security service at Microsoft for all submissions to the WinGet Community Repository. This service includes multiple AV partners. If you ever believe a package submission includes PUA, Malware, or any other security problem, we have a way for you to report the security incident. Thanks for being security minded!
Description of the new feature / enhancement
An integration to add VirusTotal into winget to prevent bad programs from being installed.
Proposed technical implementation details
Chocolatey already uses VirusTotal to check if the package you're trying to install has viruses. If so, then it would not be available to install.