audit-mac-app
CommunityAudit Mac apps for security risks.
Authorbenthamite
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This skill helps you audit macOS applications to ensure they are safe to run, especially those requesting sensitive permissions, by systematically checking their security posture.
Core Features & Use Cases
- Code Signing & Notarization Checks: Verifies the integrity and authenticity of the application.
- Entitlement Analysis: Identifies permissions requested by the app and classifies their risk.
- App Type Detection: Determines if the app is Electron-based or native, influencing auditability.
- Source Code Extraction: Extracts JavaScript source for Electron apps for deeper inspection.
- Security Pattern Scanning: Searches for network endpoints, obfuscation, and hardcoded secrets.
- Electron Configuration Review: Checks for insecure settings like
nodeIntegration: true. - Persistence Mechanism Check: Looks for indicators of the app trying to persist on the system.
- Use Case: Before installing a new app from an unknown developer that asks for screen recording access, use this skill to perform a thorough security audit to understand its potential risks.
Quick Start
Run the automated scanner for the application located at /Applications/ExampleApp.app.
Dependency Matrix
Required Modules
npx
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: audit-mac-app Download link: https://github.com/benthamite/dotfiles/archive/main.zip#audit-mac-app Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.