The security team has drafted a list of security "red flags" for us to look for when doing application reviews. They're still refining it as a group, but would appreciate any questions or other feedback from us: https://wiki.ubuntu.com/PostReleaseApps/SecurityChecklist Allison