Why AppStore submission process sucks!
They only check the binary to see if they use any private API nothing other than that. Sometimes they reject the app and give you a reason that it doesn’t fit with their HIG standards. Eg., one of our app got rejected for this reason. They said + button should be used when you use add contacts to the app from Address book. But the same + icon was used in USA Today app and is available in appstore. Moreover we just copied the idea to have + to show larger images.
If you help your customer from saving time to find the good apps and you concern about their security then you should have more checklist other than plain API lookup in the binary. For eg., there is an app called 53000+ Famous Quotes but actually it contains around 32100 quotes only. Please refer the image below.