How to verify the authenticity of packages when using: “sudo apt install [package name here]”

I am specifically trying to install a command in order to burn to a DVD (on Tails OS). I am wondering how I can verify terminal commands that I install with sudo apt install. For example, I need to be able to use the command growisofs and also genisoimage, but it seems like I am just trusting that the download of these two commands is safe, when something could be malicious, so is there a way to verify them?

I noticed when I ran sudo apt install growisofs it said that I only needed the growisofs_7.1-14+b1_amd64.deb package. It also said it was pulling from tor+ bullseye/main amd64 growisofs amd64 7.1-14+b1. This made me wonder if there is a Debian public key and detached signature of this file or a signed file with SHA hashes?

I know I am late to your question, but I thought I would point you toward this article that describes apt keys and how packages are validated.

There are ways for people to publish malicious packages. See the below article:

I hope this helps.
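
The "signed file with SHA hashes" arrangement asked about in the question, as an added example that is not part of the original posts: apt's Release file, which carries the archive key's signature, lists a SHA256 for each Packages index, and the Packages index lists a SHA256 for each .deb. The script checks both links on constructed stand-in files; the function names, file names and sample contents are assumptions, and the signature on Release is assumed to have been verified already.

```shell
#!/bin/sh
# Added illustration: hash chain Release -> Packages -> .deb on constructed sample files.
# Assumption: the OpenPGP signature on Release was already verified (apt does that step
# against the archive keys it trusts); only the two hash links are checked here.

file_sha256() { sha256sum "$1" | cut -d' ' -f1; }

# Print the SHA256 that a Release file lists for one index path.
release_sha256() {  # RELEASE_FILE INDEX_PATH
  awk -v path="$2" '
    /^SHA256:/ { in_sec = 1; next }   # start of the SHA256 section
    /^[^ ]/    { in_sec = 0 }         # any unindented line ends the section
    in_sec && $3 == path { print $1; exit }' "$1"
}

# Print the SHA256 that a Packages index records for PACKAGE at VERSION.
packages_sha256() {  # PACKAGES_FILE PACKAGE VERSION
  awk -v pkg="$2" -v ver="$3" '
    NF == 0          { p = ""; v = "" }   # blank line separates stanzas
    $1 == "Package:" { p = $2 "" }        # "" forces string comparison below
    $1 == "Version:" { v = $2 "" }
    $1 == "SHA256:" && p == pkg && v == ver { print $2; exit }' "$1"
}

# Returns 0 if both links hold, 1 if Packages does not match Release,
# 2 if the .deb does not match its Packages entry (or has no entry).
verify_deb() {  # RELEASE PACKAGES INDEX_PATH DEB PACKAGE VERSION
  want_idx=$(release_sha256 "$1" "$3")
  want_deb=$(packages_sha256 "$2" "$5" "$6")
  [ -n "$want_idx" ] && [ "$(file_sha256 "$2")" = "$want_idx" ] || return 1
  [ -n "$want_deb" ] && [ "$(file_sha256 "$4")" = "$want_deb" ] || return 2
}

# Write constructed stand-ins for the three files into directory $1 (not real archive data).
make_sample() {
  printf 'constructed stand-in for the .deb payload\n' > "$1/pkg.deb"
  printf 'Package: growisofs\nVersion: 7.1-14+b1\nArchitecture: amd64\nSHA256: %s\n' \
    "$(file_sha256 "$1/pkg.deb")" > "$1/Packages"
  printf 'Suite: constructed\nSHA256:\n %s %s main/binary-amd64/Packages\n' \
    "$(file_sha256 "$1/Packages")" "$(wc -c < "$1/Packages" | tr -d ' ')" > "$1/Release"
}

demo=$(mktemp -d)
make_sample "$demo"
verify_deb "$demo/Release" "$demo/Packages" main/binary-amd64/Packages \
  "$demo/pkg.deb" growisofs 7.1-14+b1 && echo "chain intact" || echo "chain broken"
rm -rf "$demo"
```
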