Examples of techniques for detecting harmful applications prior to installation on a user device are disclosed. In one example implementation according to aspects of the present disclosure, a computer-implemented method includes: analyzing, by a processing device, a plurality of reviews for each version of a plurality of versions of an application to determine, based on each of the plurality of reviews, whether each version of the plurality of versions is harmful; and responsive to determining that a particular version of the plurality of versions is harmful, preventing a user from installing the particular version.