IMMINENT DANGER: the heuristics indicate that it can't be assured that using the updater won't compromise the system. In the best case, the app publisher provides updated binaries with a patched version of Sparkle that isn't vulnerable, or avoids using unencrypted HTTP connections for retrieving the AppCast, as strongly encouraged by Sparkle's documentation. Alternative countermeasures range from disabling auto-updates and no longer using the updater, through restricting the app's network functionality, to putting the app under quarantine.

UNKNOWN: the app was compiled against an older SDK, so that ATS is not active, or there are exclusions from ATS, while the feed URL for the AppCast is not declared in the Info.plist. The feed URL therefore has to be provided programmatically, which can't be determined by static analysis. Nevertheless, the tool inspects all string literals in the executable to find all HTTP URLs, which might include the feed URL. This strategy has limits: it can't catch URLs that weren't fully hardcoded as strings or that were obfuscated in some other way. The URLs found are printed for further investigation by the user, to allow a better risk estimation. If an insecure URL serving an AppCast can be found, it is likely that the app is vulnerable; otherwise vulnerability can't be excluded.
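
The string-literal scan described under UNKNOWN, and its blind spot, shown as an added Python example (not the tool's own code). `SUFeedURL` is Sparkle's Info.plist key for the feed; the sample plist, the sample bytes, the example.com hosts and the `likely_appcast` heuristic are constructed assumptions.

```python
import plistlib
import re

# Printable-ASCII runs that start with the cleartext scheme, as a strings-style scan sees them.
HTTP_URL = re.compile(rb"http://[\x21-\x7e]{4,}")

def declared_feed_url(info_plist: bytes):
    """Return Sparkle's SUFeedURL from Info.plist, or None when it is set in code."""
    return plistlib.loads(info_plist).get("SUFeedURL")

def http_urls_in_executable(blob: bytes):
    """Collect unique http:// string literals, in order of appearance."""
    urls = []
    for match in HTTP_URL.finditer(blob):
        url = match.group().decode("ascii")
        if url not in urls:
            urls.append(url)
    return urls

def likely_appcast(url: str) -> bool:
    """Assumed heuristic: feed paths tend to end in .xml/.rss or mention 'appcast'."""
    path = url.lower().split("?", 1)[0]
    return path.endswith((".xml", ".rss")) or "appcast" in path

def review(info_plist: bytes, blob: bytes):
    """Report what static inspection can say about the feed URL."""
    feed = declared_feed_url(info_plist)
    urls = [] if feed else http_urls_in_executable(blob)
    return {
        "declared": feed,
        "candidates": [u for u in urls if likely_appcast(u)],
        "other": [u for u in urls if not likely_appcast(u)],
    }

# Constructed sample input: an Info.plist without SUFeedURL and fake executable bytes.
SAMPLE_PLIST = plistlib.dumps({"CFBundleIdentifier": "com.example.app"})
SAMPLE_BLOB = (
    b"\xcf\xfa\xed\xfe\x00"
    b"http://updates.example.com/appcast.xml\x00"
    b"https://www.example.com/help\x00"
    b"http://www.example.com/about\x00"
    # Assembled at runtime from a format string: invisible to the literal scan.
    b"%@://%@/feed.xml\x00updates.example.org\x00"
)

if __name__ == "__main__":
    print(review(SAMPLE_PLIST, SAMPLE_BLOB))
```

An empty `candidates` list does not clear the app: the last sample entry shows a feed URL that the scan cannot see.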