Trust Model
Verscout is designed to use the right update path for each source while surfacing compatibility, signature, Team ID, and rollback signals before an update goes wrong.
Local-first discovery
Scanning happens on your Mac. Verscout inspects local installs first, then queries public registries and vendor feeds only to resolve version and update metadata.
Compatibility before convenience
Verscout warns when the newest release requires a newer macOS and prefers the safest compatible path over blindly chasing the latest version number.
Trust checks on app bundles
For supported macOS apps, Verscout surfaces codesign, Team ID, notarization, and hardened-runtime signals so publisher changes are visible before you update.
Blocklist-aware updates
Known bad software is checked against Apple XProtect signals and Verscout's threat data before the app encourages you to update or relaunch it.
Rollback where the platform allows it
For supported standalone bundle replacements, Verscout can back up the prior app bundle and restore it when a replacement fails.
Source-specific execution
Verscout does not pretend every source works the same way. Homebrew, App Store, Sparkle, GitHub, and vendor-specific updaters each keep their appropriate execution path.