I am specifically trying to install a command in order to burn to a dvd (on tails OS). I am wondering how I can verify terminal commands that I install with sudo apt install. For example I need to be able to use the command growisofs and also genisoimage but it seems like I am just trusting that the download of these two commands is safe, when something could be malicious, so is there a way to verify them?
I noticed when I ran sudo apt install growisofs it said that I only needed the growisofs_7.1-14+b1_amd64.deb package. It also said it was pulling from tor+https://deb.debian.org/debian bullseye/main amd64 growisofs amd64 7.1-14+b1. This made me wonder if there is a debian public key and detached signature of this file or a signed file with sha hashes?