Description
Minisign signatures can be verified against a curated trusted-key list from the command line. Developers and administrators use minitrust when they want signature checks to rely on known public keys instead of manual key lookup each time.
It is a verification tool, not an antivirus scanner. Trust depends on the quality of the key list and on keeping that list protected from unwanted changes.