
Paste from zyga at Thu, 7 Jul 2016 20:07:06 +0000

diff --git a/spread-tests/mount-profiles-bin-snap-source/task.yaml b/spread-tests/mount-profiles-bin-snap-source/task.yaml
new file mode 100644
index 0000000..12ec682
--- /dev/null
+++ b/spread-tests/mount-profiles-bin-snap-source/task.yaml
@@ -0,0 +1,18 @@
+summary: Check that apparmor profiles prevents bind mounting /snap/bin anywhere
+# This is blacklisted on debian because we first have to get the dpkg-vendor patches
+systems: [-debian-8]
+restore: |
+    snap remove snapd-hacker-toolbelt
+    rm -rf /var/snap/snapd-hacker-toolbelt
+    rm -f /var/lib/snapd/mount/snap.snapd-hacker-toolbelt.busybox.fstab
+execute: |
+    echo "Having installed the snapd-hacker-toolbelt snap"
+    snap list | grep -q snapd-hacker-toolbelt || snap install snapd-hacker-toolbelt
+
+    echo "We can change its mount profile externally to create bind mount /snap/bin somewhere"
+    echo "/snap/bin -> /snap/snapd-hacker-toolbelt/"
+    mkdir -p /var/lib/snapd/mount
+    echo "/snap/bin /snap/snapd-hacker-toolbelt none bind,ro 0 0" > /var/lib/snapd/mount/snap.snapd-hacker-toolbelt.busybox.fstab
+
+    echo "We can now run busybox.true to check if snap-confine allows the profile"
+    ! ( cd / && /snap/bin/snapd-hacker-toolbelt.busybox true )
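Review bot: The final assertion `! ( cd / && /snap/bin/snapd-hacker-toolbelt.busybox true )` passes whenever the command fails for any reason, so a broken wrapper, a missing busybox binary or an unrelated snap-confine error would be reported as "the profile was rejected" and could hide a regression in the bind-mount check itself. Since the point of the test is that the /snap/bin bind is refused, it should pin the failure to that cause: capture stderr with `if ( cd / && /snap/bin/snapd-hacker-toolbelt.busybox true ) 2>stderr.log; then exit 1; fi` and then `grep -q "<expected snap-confine denial text>" stderr.log` (the exact message is not shown in this hunk and needs confirming against snap-confine). The note applies only if spread runs `execute` with errexit, as the unconditional `grep -q` in the install line on line 45 already seems to assume. The `summary:` line also reads `profiles prevents`; it should be `profiles prevent`.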