I will quote some ideas that I’ve posted recently:
For terminal: put the word “official” somewhere when the snap is from the official developer so people can trust it and install it. For stores: a green checkmark ✓ with the word official near the name of the developer would be helpful.
It could be “official” or “trusted” or similar concept, the idea is to ensure the user that he is not being misled and installing a random snap from a random person.
Also, about comments/reviews reminds of Arch’s AUR, they have a way to mitigate the problem too, they use a Popularity rank, it’s usually a bad idea to install anything from the AUR that has 0.00 popularity or near 0.
Arch’s Trusted Users:
- https://wiki.archlinux.org/index.php/Trusted_Users
- https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines
There are other ways to improve this, for example the total downloads of a snap could be used, or the same data by downloads/month or another time period. The idea behind is “if it’s popular it’s probably safe”, this is not always true but it helps, it adds another layer of security.