Thanks for your report and observations @mattalytics and @franklinyu.
Homebrew depends on vigilant users like you!
Looking at the analytics, the
sublime cask has about 5,000 yearly installs. It’s difficult to tell how many of those installs are due to name confusion.
While I don’t have a strong opinion about removing the cask, 5k are quite a number.
No engines are currently reporting the binary as malicious.
I have just fired up Hopper to quickly reverse the binary. While the app does solicit PayPal donations, it doesn’t appear be malicious or deceptive; the code contained in the binary is consistent with the features it claims (drag/drop subtitle acquisition). The code reaches out to an XML-RPC service at
@mattalytics Can you confirm the app does not work at all for you?