Just remember, the current implementation (CTP) is a prototype, and the features that we're aiming for aren't all there :D
Aren't there security concerns around using Chocolatey scripts?
The current implementations of Chocolatey has a tight, small-community built up around them, and packages are published by those involved in the community. Certainly it currently has a lot of implicit trust of the package publishers, and as such, could easily
be subverted for nefarious purposes. Our goal is to work with the community to drive the design and implementation of Chocolatey and drastically improve the security and verifiability of Chocolatey packages so that consumers are protected from malware.