Spanda

Package tampering showcase

Verify-time trust scoring when a suspicious third-party import is added after approval.

Commands

spanda tamper-check examples/showcase/package_tampering/approved.sd
spanda tamper-check examples/showcase/package_tampering/tampered.sd

The tampered variant adds import untrusted.vendor_payload and should report a lower trust score than the approved baseline.

One command

spanda demo trust

Smoke: scripts/trust_showcase_smoke.sh

See docs/tamper-detection.md ยท docs/package-trust.md.