🍺 BREW Explorer

← all casks

Suspicious Package

brew install --cask suspicious-package v4.6.1,1311.3

Inspect macOS installer package contents, scripts, and metadata before installation.

Why you might care

Lets you peer inside .pkg and .mpkg files to see exactly what will be installed, where, and what scripts will run—useful for security audits or understanding what an installer does before executing it. Free and lightweight.

Categories

security system-utility

Alternatives

Pacifist xar
265
30-day installs · #749
833
90-day · #734
3.7k
365-day · #620

Links

Blurb generated by claude-haiku-4-5 on today.

Raw metadata 
{
  "alternatives": [
    "Pacifist",
    "xar"
  ],
  "artifacts": [
    {
      "app": [
        "Suspicious Package.app"
      ],
      "target": "/Applications/Suspicious Package.app"
    },
    {
      "binary": [
        "$APPDIR/Suspicious Package.app/Contents/SharedSupport/spkg"
      ],
      "target": "$HOMEBREW_PREFIX/bin/spkg"
    },
    {
      "zap": [
        {
          "trash": [
            "~/Library/Application Scripts/com.mothersruin.SuspiciousPackageApp.QLPreview",
            "~/Library/Application Support/com.apple.sharedfilelist/com.apple.LSSharedFileList.ApplicationRecentDocuments/com.mothersruin.suspiciouspackageapp.sfl*",
            "~/Library/Caches/com.mothersruin.SuspiciousPackageApp",
            "~/Library/Caches/com.mothersruin.XPCService.UpdateChecker",
            "~/Library/Containers/com.mothersruin.SuspiciousPackageApp.QLPreview",
            "~/Library/Preferences/com.mothersruin.SuspiciousPackage.plist",
            "~/Library/Preferences/com.mothersruin.SuspiciousPackageApp.plist",
            "~/Library/Saved Application State/com.mothersruin.SuspiciousPackageApp.savedState",
            "~/Library/WebKit/com.mothersruin.SuspiciousPackageApp"
          ]
        }
      ]
    }
  ],
  "auto_updates": null,
  "categories": [
    "security",
    "system-utility"
  ],
  "deprecated": 0,
  "deprecation_reason": null,
  "desc": "Application for inspecting installer packages",
  "disable_reason": null,
  "disabled": 0,
  "display_name": "Suspicious Package",
  "enrichment_fetched_at": "2026-06-20T22:49:59+00:00",
  "first_seen": "2026-06-20T00:47:34+00:00",
  "full_token": "suspicious-package",
  "github_default_branch": null,
  "github_last_commit_at": null,
  "github_readme_excerpt": null,
  "github_repo": null,
  "github_stars": null,
  "github_topics": [],
  "homepage": "https://www.mothersruin.com/software/SuspiciousPackage/",
  "homepage_og_description": null,
  "homepage_og_image": "https://www.mothersruin.com/software/SuspiciousPackage/images/og-image.png",
  "homepage_title": "Mothers Ruin Software | Suspicious Package",
  "installs_30d": 265,
  "installs_365d": 3741,
  "installs_90d": 833,
  "last_seen": "2026-06-20T00:47:34+00:00",
  "llm_generated_at": "2026-06-20T23:05:24+00:00",
  "llm_model": "claude-haiku-4-5",
  "names": [
    "Suspicious Package"
  ],
  "one_liner": "Inspect macOS installer package contents, scripts, and metadata before installation.",
  "rank_30d": 749,
  "rank_365d": 620,
  "rank_90d": 734,
  "raw_hash": "9c024f109a1020de",
  "ruby_source_path": "Casks/s/suspicious-package.rb",
  "tap": "homebrew/cask",
  "token": "suspicious-package",
  "version": "4.6.1,1311.3",
  "why_use_this": "Lets you peer inside .pkg and .mpkg files to see exactly what will be installed, where, and what scripts will run\u2014useful for security audits or understanding what an installer does before executing it. Free and lightweight."
}