I don’t see how they accomplish that, though they may have some rudimentary code auditing. App sandboxing seems to be a more effective means to that end. App stores and Linux repositories do seem to help prevent imposter software.