Abstract: Computer executable instructions including code sections are received and compared to previously analyzed computer executable instructions. The code sections are then analyzed and assigned a risk score. If the risk score is over a threshold, an alarm may be communicated or the system may substitute computer executable instructions that may have been created according to a standard or have been previously approved.