If wrongly flagged, reach out to each security vendor manually - takes about 3-5 days to get them to rescan manually and remove any flags.
2. Check for any dodgy javascript libraries you might inadvertently be using. Specifically, just remove all non-relevant JS until you get approved, then you can slowly add them back in if really needed.
Super frustrating that Google has this much power, and totally ridiculous they want you to switch to .com (pretty sure that's an outsourced CS worker giving you a random suggestion).
Thanks I was trying this recently and it came back all green.
On a related note, one interesting thing I did discover, due to a small misconfiguration of NextJS + App Router, I was getting two </html> closing tags in my markup, which https://sitecheck.sucuri.net/ was flagging as potential site compromise, I guess because a site with malware injecting unwanted scripts could cause broken markup as a common side effect? Anyway I long since fixed that and it hasn't made a difference.
1. See if VirusTotal lists your site (including subdomains, app.domain and www.domain, etc): https://www.virustotal.com/gui/home/url
If wrongly flagged, reach out to each security vendor manually - takes about 3-5 days to get them to rescan manually and remove any flags.
2. Check for any dodgy javascript libraries you might inadvertently be using. Specifically, just remove all non-relevant JS until you get approved, then you can slowly add them back in if really needed.
Super frustrating that Google has this much power, and totally ridiculous they want you to switch to .com (pretty sure that's an outsourced CS worker giving you a random suggestion).