[ASalazarMX]

Depending on the use, the server could be immune to malware and still transmit it to their clients.

[nix23]

Then check the binary before installation/tests if you have to, but not on the linux build server itself...that's ridiculous. A HIDS would be the the answer, so you can be ~sure that your tools are not altered to inject code into your compiled product.

[ASalazarMX]

I'm guessing they're covering the case where a feature or a vulnerability allows uploading Windows malware and exposing it with other users.