Security & Safety
Secure Mods. Seamless Installs.
How We Protect Your System
At ModVault, we treat mod safety with the same rigor as enterprise software distribution. Every .zip, .rar, and .dll uploaded to our repository undergoes a mandatory, automated deep-scan pipeline before it ever reaches a public download page.
Our infrastructure utilizes a multi-engine approach, routing every asset through ClamAV, Sophos, and BitDefender simultaneously. If any engine flags a heuristic anomaly, the file is instantly quarantined and queued for manual review by our security operations team. Furthermore, we enforce strict SHA-256 hash verification. When you download a mod, our client validates the file's cryptographic signature against our immutable ledger to ensure zero-byte tampering occurred during transit.
We also champion developer sovereignty through cryptographic signing. Trusted creators can generate and upload PGP keys to sign their releases. This "Chain of Trust" ensures that the code you are installing is exactly what the author intended, preventing man-in-the-middle injections or malicious forks of popular mods.
Understanding Trust Badges
We make safety visible. Every mod page features a distinct set of trust badges that communicate the asset's verification status at a glance.
Clean Scan Badge
Indicates the mod has passed all five anti-malware engines with a 0% threat score. This badge is refreshed every time a developer pushes a new patch or version update.
Verified Developer Badge
Awarded to authors who have completed identity verification and successfully bound a PGP public key to their ModVault profile. Guarantees the modder is a real person accountable for their code.
Source Matched Badge
Confirms that the uploaded binary matches the public source code hosted on the developer's linked GitHub or GitLab repository. Essential for open-source tools and transparent scripting.
Your safety is our highest priority. If you ever suspect a mod has been compromised or notice suspicious behavior, our threat reporting system allows you to submit the file hash directly to our security team for immediate investigation.