Comment by nodja
10 hours ago
Windhawk mods are distributed as source code and WH itself compiles it. It works the same way usescripts work with tampermonkey/violentmonkey on browsers.
If a mod includes malware it'll be very obvious as mods are usually small.
Top tier malware can be incredibly terse and sophisticated. The trigger line to execute the xz exploit was a `.` in a build script. You are probably fine do to sheer obscurity - nerds who yearn for a Win9X experience are low in number and might only be running it for a laugh in a VM.
It's not just for "nerds" if that's what you're implying. I use the "Multirow taskbar for Windows 11" Windhawk mod because I recently upgraded from Windows 10 to Windows 11, which removed the ability to have more than one row on the taskbar.
There's a malware risk in literally every piece of software. Windows itself behaves as malware with all the telemetry it gathers.
The tiny fraction of computer users who have the capability and interest to do this qualifies as nerds in my book. I did not realize this was still a pejorative on a forum where we are mostly all technical experts in some domain or another. It is your computer - go nuts.