Disclosed are an application security protection method, a terminal, and a storage medium. The method includes the steps of: monitoring whether an application software protection triggering condition is satisfied (S301); if yes, judging whether current application software is malicious software (S302); if yes, providing prompt information indicating that the current application software is malicious software (S303); and when an opening continuing instruction for continuing to open the current application software is received (S304), starting the current application software (S305). The application security protection method, the terminal and the storage medium greatly improve the security when an application program runs at the terminal.