Describir: Assessing and Mitigating Emerging Threats in the Mobile Software Supply Chain