
IGHOR

macrumors member
Original poster
I made App Trust Preview, a Mac app that helps you understand another Mac app before you open it.

In plain language, not developer jargon, it shows what macOS can verify about an app's identity, protections, permissions, and internal components. The goal is simple: help you decide whether opening an app looks reasonable.


Everything happens locally:
  • Inspects .app bundles on your Mac
  • Never uploads the inspected app
  • Never launches the inspected app
  • Never modifies the inspected app
  • Does not grant or revoke permissions
  • The Mac app makes no network requests of its own
  • Certificate revocation status comes from macOS's own trust service

You can:
  • Drop an app onto the window
  • Choose an app from Finder
  • Select a .app bundle in Finder and press Space to use the included Quick Look preview

Each report starts with a clear verdict:
  • Strong safety signals
  • A few things to know
  • Some signals are weaker than usual
  • Not enough information

The report shows:
  • The most important findings before you open the app
  • Whether the app is signed and who signed it
  • Developer name, Team ID, bundle identifier, and version
  • Whether the app uses App Sandbox
  • Whether Hardened Runtime is enabled
  • Whether the signing certificate appears revoked
  • Whether the app is notarized by Apple
  • Whether the app declares or allows internet access
  • Whether the app may ask for privacy access
  • Whether internal helpers are signed and sandboxed
  • Detected technologies such as AppKit, Chromium, Electron, Flutter, Qt, SwiftUI, Java, Python, and more when they can be confirmed

Privacy access it may ask for includes:
  • Camera
  • Microphone
  • Location
  • Contacts
  • Calendar
  • Photos
  • Bluetooth
  • Apple Events
  • Screen Recording
  • Accessibility
  • Input Monitoring
  • Local Network
  • Other sensitive capabilities

When available, App Trust Preview can also show saved macOS privacy decisions such as Allowed, Denied, Limited, Add-only, Not determined, or Unknown.

If an app has not declared the required purpose string in its Info.plist, macOS will refuse to grant that permission. App Trust Preview shows that clearly instead of turning it into unnecessary fear.

App Trust Preview also explains what declared capabilities mean, including:
  • Internet
  • Files and folders
  • Privacy
  • Other apps
  • Devices
  • iCloud
  • Keychain
  • App groups
  • Associated domains
  • Hardened Runtime exceptions

Inside the app, it checks components such as:
  • Helper tools
  • Nested apps
  • App extensions
  • XPC services
  • Frameworks
  • Dynamic libraries
  • Plug-ins

Each component is checked for signing status and sandbox state. This helps reveal cases where a main app is sandboxed, but bundled helper programs are not.

Advanced details for power users include:
  • Certificate chain
  • Certificate fingerprints
  • Certificate validity dates
  • CDHashes
  • Designated requirement
  • Embedded provisioning profile
  • Mach-O architectures
  • Linked libraries
  • Entitlements
  • Quarantine status

Export reports as:
  • JSON
  • Plain text

App Trust Preview is not antivirus and does not guarantee that an app is safe or malware-free. It shows macOS security signals that can be verified from an app bundle on disk and explains what those signals mean in everyday words.

You do not need to know what "Hardened Runtime", "entitlements", or code-signing output means. App Trust Preview explains the practical result: what the app can access, what macOS will block, where protections are strong, and where you may want to look closer.

Find App Trust Preview in the Mac App Store or visit https://apptrustpreview.com
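
The post above describes two checks that can be reproduced from plist data alone: a sandboxed main app shipping components that are not sandboxed, and a privacy capability declared without its Info.plist purpose string. The following is an added example, not App Trust Preview's code; the bundle paths and plist contents are constructed, and in practice the entitlements would be extracted from each component's code signature with `codesign`.

```python
import plistlib

SANDBOX = "com.apple.security.app-sandbox"
NETWORK = ("com.apple.security.network.client",
           "com.apple.security.network.server")
# Resource entitlement -> Info.plist purpose string macOS needs before prompting
PURPOSE = {
    "com.apple.security.device.camera": "NSCameraUsageDescription",
    "com.apple.security.device.audio-input": "NSMicrophoneUsageDescription",
}

# Constructed sample: entitlements plist per signed component of one bundle
BUNDLE = {
    "Example.app": plistlib.dumps(
        {SANDBOX: True, "com.apple.security.device.camera": True}),
    "Example.app/Contents/Helpers/updater": plistlib.dumps(
        {NETWORK[0]: True}),
    "Example.app/Contents/XPCServices/Render.xpc": plistlib.dumps(
        {SANDBOX: True}),
}
# Constructed Info.plist: a microphone string is present, a camera string is not
INFO_PLIST = plistlib.dumps({
    "CFBundleIdentifier": "com.example.app",
    "NSMicrophoneUsageDescription": "Record voice notes.",
})

def review(bundle, info_plist, main):
    """Return (finding, subject) tuples for the signals discussed in the thread."""
    ents = {path: plistlib.loads(raw) for path, raw in bundle.items()}
    info = plistlib.loads(info_plist)
    main_sandboxed = ents[main].get(SANDBOX) is True
    findings = []
    for path in sorted(ents):
        e = ents[path]
        # A helper outside the sandbox is not bound by the main app's limits.
        if path != main and main_sandboxed and e.get(SANDBOX) is not True:
            findings.append(("unsandboxed-component", path))
        if any(e.get(k) is True for k in NETWORK):
            findings.append(("network-access", path))
    for entitlement, key in PURPOSE.items():
        # Declared capability without a purpose string: access will be refused.
        if ents[main].get(entitlement) is True and not info.get(key):
            findings.append(("missing-purpose-string", key))
    return findings

if __name__ == "__main__":
    for finding in review(BUNDLE, INFO_PLIST, "Example.app"):
        print(*finding, sep=": ")
```
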
 
Thanks for the feedback!

I agree, Firefox is a good example where the wording needs more nuance.

What the app currently means is: Firefox is not using Apple’s App Sandbox entitlement. That does not mean Firefox has no sandboxing at all, because browsers can have their own process sandboxing model.

I am open to feature requests and wording improvements. What wording would you expect here so it is technically accurate but not misleading for apps like Firefox?
 
In my opinion, if an app is signed and notarized by Apple, it should be considered safe to open.
The rest should be presented as additional information.
App Trust Preview can say an app looks safe to open, but not because it blindly trusts the developer or notarization. It says that when the app is packaged with strong limits, for example sandboxed, no broad network access, and no risky internal helpers. Warnings are not "this app is dangerous" flags. They are things the user may want to read before deciding.
 
How much AI was used to make this App?
Very little AI was used in the actual app.

The idea is my own. I have been making apps since 2008, and App Trust Preview is native macOS software built on top of my own reusable library that I have developed over the years and use across my apps. That shared foundation is also one reason I can support older macOS versions instead of depending only on newer system APIs.

I use AI as a support tool for bug research, typo detection, code completion, translations, localization, and sometimes early UI direction sketches. English is not my native language, so AI is also helpful for wording.

The app itself is not vibe coded. The concept, product decisions, implementation, debugging, native UI work, and release are mine.
 
App Trust Preview can say an app looks safe to open, but not because it blindly trusts the developer or notarization. It says that when the app is packaged with strong limits, for example sandboxed, no broad network access, and no risky internal helpers. Warnings are not "this app is dangerous" flags. They are things the user may want to read before deciding.
By your criteria, Malwarebytes with network access, two launch daemons and a launch agent is really not safe 🙂

Ignore my opinions, I’m not a customer and never will be. I use free software https://www.mothersruin.com
 
  • Love
Reactions: turbineseaplane
By your criteria, Malwarebytes with network access, two launch daemons and a launch agent is really not safe 🙂
I understand why it reads that way. The app does not have a "not safe to open" label. It shows "safe to open" only when the app is strongly limited, then uses warnings for everything else that deserves attention. Malwarebytes is exactly the kind of app where network access and background components are expected, so the warning is not "this is unsafe". It is "this app can do more, make sure that matches what you expect from it."
 
Ignore my opinions, I’m not a customer and never will be. I use free software https://www.mothersruin.com
I am also a big fan of Apparency. It is a free app distributed outside the Mac App Store, and it exposes a lot of technical details about app bundles.

For me, Apparency is useful, but it is still a technical inspection tool. If someone does not already understand Hardened Runtime, entitlements, sandboxing, signatures, and provisioning profiles, it can be hard to interpret what actually matters.

App Trust Preview has a different focus. It tries to bring the important signals to the top and explain them in plain language. For example, a main app can be sandboxed while still shipping internal helper tools that are not sandboxed. That kind of difference matters, because a helper may be able to do more than the main app can. App Trust Preview highlights that directly instead of making the user dig through internals manually.

The Quick Look preview is also a big part of the difference for me. You can select an app in Finder, press Space, immediately see important signals, see which privacy permissions the app may request, and copy useful identifiers like the bundle ID for quick research. Apparency is great, but its Quick Look preview does not show the app's possible permission requests or provide that kind of quick copy workflow.

I am also open to feature requests, and I am already working on more features that go beyond what Apparency currently does.
 
Giving an opinion on other apps is tricky. For example, I started by inspecting Apparency for which you give: "High Caution. Strong reasons to think twice". Seems a bit harsh.

I have now looked at lots of the apps I have installed. A few are "High Caution", the rest are "Caution". And that includes apps from Apple, like Pages and Mail. I am sure you are right to say we should be cautious installing apps, but your app is likely to spread alarm and confusion.

At last I have found an app with green: "Strong. Looks safe to open." And that was (drum roll): App Trust Preview.

Just because an app needs entitlements, etc. to do its job doesn't make it untrustworthy.

I applaud the attempt to make something that is understandable by the non-techo, but to me your app doesn't do that. It would leave me worried about perfectly good apps and not being able to understand why.

From a usability perspective, I found the QuickLook preview far too slow when using Finder's column view. I reverted that to Apparency.

For me, worth the 5 AUD for an interesting app for inspecting other apps. Gives me another view of apps. But I could not recommend it to anyone who didn't already have some understanding of the technicalities of macOS app protections.

The goal is simple: help you decide whether opening an app looks reasonable.
Sorry to say it fails that unless you understand all the detail.
 
Sorry to say it fails that unless you understand all the detail
Thank you for the detailed feedback. This is genuinely useful.

There is no special exception for App Trust Preview in the analysis. It goes through the same checks as any other app.

It shows as safe because of the actual bundle signals: it is sandboxed, has no network entitlement, is signed, and its certificate is not revoked. In other words, it is packaged in a way that strongly limits what it can do on the system.

I agree that if too many legitimate apps end up as "Caution" or "High Caution", the result can become confusing instead of helpful. That is not the goal. The goal is to turn macOS security signals into human-readable context, not to make users afraid of normal apps that need specific access to do their job.

Apparency will probably remain a little faster in Quick Look because it appears to do a lighter preview there. App Trust Preview checks internal components in Quick Look too, including helpers, extensions, frameworks and signing/sandbox state. That gives more context, but it also means more work before the preview is ready. I am still optimizing that path.

I am already working on improving the verdict logic, wording, and signal weighting so the app better distinguishes between "this is expected for this kind of app" and "this deserves closer review". I am also working on Quick Look performance.

I am open to feedback and feature requests. I will continue improving the app so the implementation better matches the main idea: clear, understandable pre-open signals for normal users, with enough detail for technical users.

I am also working on more features that are not currently available in Apparency. Feedback like yours helps me see what needs to be fixed first.
 
  • Like
Reactions: gilby101
Giving an opinion on other apps is tricky. For example, I started by inspecting Apparency for which you give: "High Caution. Strong reasons to think twice". Seems a bit harsh.
I released fixes based on lots of feedback from the community. Please update and try v1.1.0. Let me know what you think now. I improved the speed as well.
 
I released fixes based on lots of feedback from the community. Please update and try v1.1.0. Let me know what you think now. I improved the speed as well.
Thanks for the update. It is certainly improving. I do like the depths to which you analyse each app, and that is genuinely useful to those who know something about macOS app structure and protections that Apple puts in place. For the non-techie, I am not so sure.
 
The non-techie only needs to know if it is trustworthy or not (whatever trustworthy means). For that they rely on the fact that apps in the App Store have been vetted by Apple and so, by definition, are considered trustworthy. I don't think the non-techie wants to be told to review the details.

To give advice about an app you need to understand the purpose of the app and whether the privacy settings are reasonable given its purpose. That sounds like a lot of work!

For me (15 year retired IT with security interests), you do expose lots of fascinating stuff about apps with a broader scope than Apparency.

Ignore my opinions, I’m not a customer and never will be. I use free software https://www.mothersruin.com
I think you might want to take a closer look. The approach is very different to Apparency.
 
  • Like
Reactions: IGHOR
I think you might want to take a closer look. The approach is very different to Apparency.
I understood that, but I don't need App Trust Preview.

I have a question, the latest images from the app's App Store page show for Chrome "Can ask to use the camera - Denied" & "Can ask to use the microphone - Allowed".
Are those read from Chrome's settings or from TCC?

 
That should require Full Disk Access for App Trust Preview or the user manually selecting ~/Library/Application Support/com.apple.TCC/TCC.db & /Library/Application Support/com.apple.TCC/TCC.db
Yes it does, once granted it is working as you would expect
 