Verify-time trust scoring when a suspicious third-party import is added after approval.
spanda tamper-check examples/showcase/package_tampering/approved.sd
spanda tamper-check examples/showcase/package_tampering/tampered.sd
The tampered variant adds import untrusted.vendor_payload and should report a lower trust score than the approved baseline.
spanda demo trust
Smoke: scripts/trust_showcase_smoke.sh