diff --git a/Library/Homebrew/cask/lib/hbc/audit.rb b/Library/Homebrew/cask/lib/hbc/audit.rb
index 1ea1522885..a3224380ab 100644
--- a/Library/Homebrew/cask/lib/hbc/audit.rb
+++ b/Library/Homebrew/cask/lib/hbc/audit.rb
@@ -33,6 +33,7 @@ module Hbc
 check_download
 check_single_pre_postflight
 check_single_uninstall_zap
+ check_untrusted_pkg
 self
 rescue StandardError => e
 odebug "#{e.message}\n#{e.backtrace.join("\n")}"
@@ -50,6 +51,18 @@ module Hbc
 
 private
 
+ def check_untrusted_pkg
+ odebug "Auditing pkg stanza: allow_untrusted"
+
+ return if @cask.sourcefile_path.nil?
+
+ tap = @cask.tap
+ return if tap.nil? || tap.user != "caskroom"
+
+ return unless cask.artifacts.any? { |k| k.is_a?(Hbc::Artifact::Pkg) && k.stanza_options.key?(:allow_untrusted) }
+ add_warning "allow_untrusted is not permitted in official Homebrew-Cask taps"
+ end
+
 def check_single_pre_postflight
 odebug "Auditing preflight and postflight stanzas"
 
diff --git a/Library/Homebrew/test/cask/audit_spec.rb b/Library/Homebrew/test/cask/audit_spec.rb
index f8462ea568..93da10d0eb 100644
--- a/Library/Homebrew/test/cask/audit_spec.rb
+++ b/Library/Homebrew/test/cask/audit_spec.rb
@@ -91,6 +91,25 @@ describe Hbc::Audit, :cask do
 end
 end
 
+ describe "pkg allow_untrusted checks" do
+ let(:error_msg) { "allow_untrusted is not permitted in official Homebrew-Cask taps" }
+
+ context "when the Cask has no pkg stanza" do
+ let(:cask_token) { "basic-cask" }
+ it { should_not warn_with(error_msg) }
+ end
+
+ context "when the Cask does not have allow_untrusted" do
+ let(:cask_token) { "with-uninstall-pkgutil" }
+ it { should_not warn_with(error_msg) }
+ end
+
+ context "when the Cask has allow_untrusted" do
+ let(:cask_token) { "with-allow-untrusted" }
+ it { is_expected.to warn_with(error_msg) }
+ end
+ end
+
 describe "preflight stanza checks" do
 let(:error_msg) { "only a single preflight stanza is allowed" }
 
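Review bot: check_untrusted_pkg only tests for the presence of the :allow_untrusted key, so a cask that spells out `allow_untrusted: false` is warned about as well; `k.stanza_options[:allow_untrusted]` would flag only the opt-in that actually disables the signature check. The method also alternates between `@cask` (sourcefile_path, tap) and `cask` (artifacts); since `run` rescues StandardError and only odebug's it, a NoMethodError in this check would presumably be logged and swallowed rather than fail the audit, so use one form consistently. The early `return if @cask.sourcefile_path.nil?` carries no rationale — a why-comment such as `# no source file means no tap to check against; confirm this is the intended skip` would help, and the hard-coded `"caskroom"` comparison is case-sensitive, so if Tap#user can carry the caller's capitalisation, `tap.user.casecmp("caskroom").zero?` is the safer test. A one-line comment above the def saying the stanza option is refused in official taps because it waives package signature verification (verify that is what allow_untrusted does) would document the policy for future readers; the same inconsistency note applies to the spec hunk below, which mixes `should_not` with `is_expected.to`.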
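Review bot: The two negative examples use the deprecated one-liner `should_not warn_with(error_msg)` while the positive one uses `is_expected.to`; `it { is_expected.not_to warn_with(error_msg) }` keeps the three contexts in the same RSpec 3 style. The positive example only fires if the with-allow-untrusted fixture resolves to a tap whose user is "caskroom", because the check returns early for any other tap; it is worth confirming the fixture loader sets that tap so the example exercises the warning path and not the early return.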
diff --git a/Library/Homebrew/test/support/fixtures/cask/Casks/with-allow-untrusted.rb b/Library/Homebrew/test/support/fixtures/cask/Casks/with-allow-untrusted.rb
new file mode 100644
index 0000000000..3f2c294ed7
--- /dev/null
+++ b/Library/Homebrew/test/support/fixtures/cask/Casks/with-allow-untrusted.rb
@@ -0,0 +1,11 @@
+cask 'with-allow-untrusted' do
+ version '1.2.3'
+ sha256 '8c62a2b791cf5f0da6066a0a4b6e85f62949cd60975da062df44adf887f4370b'
+
+ url "file://#{TEST_FIXTURE_DIR}/cask/MyFancyPkg.zip"
+ homepage 'http://example.com/fancy-pkg'
+
+ pkg 'Fancy.pkg', allow_untrusted: true
+
+ uninstall pkgutil: 'my.fancy.package.*'
+end