Verifying a Script
Verifying a script determines whether the script that you are about to run is from a trusted source. It also allows you to confirm the integrity of the script. WSH verifies scripts before it attempts to run them, but you may have your own reason to verify a script.
Script verification is accomplished programmatically with the Signer object's VerifyFile method.
The VerifyFile method:
Verifies the validity of the signature.
Verifies that the signature belongs to a person who is trusted in your Trusted Publishers List.
Verifies that the script has not been changed since it was signed.
Although the VerifyFile method programmatically confirms the digital signature, you should always ensure that you really trust the trusted roots in the Trusted Publishers List.