Get DMGKit

Inspector

DMGKit Inspector: The macOS DMG Security and Trust Analyzer

Learn how DMGKit Inspector checks signing, notarization, Gatekeeper status, trust score, hashes, and installer readiness for macOS DMG and PKG files.

Updated June 2026InspectorDMGKit Guide

Distributing or downloading macOS apps should not feel like a gamble. DMGKit Inspector helps developers and end users understand whether a DMG or PKG looks trusted, signed, notarized, and ready to open.

Instead of forcing people to run multiple Terminal commands and interpret raw output, Inspector turns Mac distribution trust signals into a readable report.

Why installer verification matters

Mac apps are commonly distributed as DMG or PKG files. But a file that mounts successfully is not automatically trustworthy.

  • The app may be unsigned.
  • The signature may be broken.
  • The notarization ticket may be missing.
  • The installer may contain unexpected files.
  • The file may have been modified after signing.

What DMGKit Inspector checks

  • Code signing validity.
  • Developer identity.
  • Apple notarization status.
  • Gatekeeper assessment.
  • Stapled ticket presence.
  • SHA-256 hash.
  • Bundle structure.
  • Mountability and file integrity.

Manual checks Inspector replaces

codesign -dv --verbose=4 "YourApp.app"
spctl -a -vvv --type execute "YourApp.app"
xcrun stapler validate "YourApp.app"
hdiutil verify "YourInstaller.dmg"
shasum -a 256 "YourInstaller.dmg"

These commands are powerful, but they are not friendly to every developer and almost never friendly to normal users.

Trust score

DMGKit Inspector summarizes results into a trust-oriented report. A high score means the file presents expected security signals. A lower score tells you where to investigate before distributing or installing.

The DMGKit release loop

Design → Sign → Notarize → Export → Inspect → Ship

That loop gives developers a complete path from polished installer design to final trust verification.

Ship cleaner Mac releases

Design, notarize, inspect, and distribute from one native workflow.

DMGKit helps developers turn a fragile release checklist into a polished, repeatable Mac distribution process.

Get DMGKitDownload DMGKit Inspector

FAQ

Is DMGKit Inspector free?

Yes. DMGKit Inspector is positioned as a free companion utility.

Does Inspector replace Apple notarization?

No. It helps analyze trust signals, but Apple notarization remains Apple’s own process.

Can end users use Inspector?

Yes. Inspector is useful for developers and users who want more confidence before opening a downloaded installer.

Related guides

Notarize Mac appsRead next →Add legal agreementsRead next →First setup guideRead next →