The problem is that it would be dangerous for any FOSS developer to be chosen among those who can see their sources for obvious legal reason. Anyone willing to be exposed to Microsoft's IP and NDAs that way is probably already so tied to them that we couldn't count on any independent security auditing and reporting without Microsoft authorizing it.