Microsoft is quietly moving toward a future where Windows package operations require client-side verification. This is part of the same push behind Windows Defender Application Control (WDAC) and Smart App Control.
While WinGet supports community submissions, you can force the client to prioritize the strictly audited Microsoft Store over the community repo, ensuring a highly verified footprint. microsoft winget client verified