macos-keychain

Purpose

This skill provides tools for managing macOS Keychain via the security CLI, handling secure storage of secrets like API keys, passwords, certificates, and codesigning, while interacting with the Secure Enclave for enhanced security.

When to Use

Use this skill when your application needs to store or retrieve sensitive data on macOS, such as API keys in scripts, manage certificates for app signing, or handle hardware-backed secrets via Secure Enclave. Apply it in automation, CI/CD pipelines, or apps requiring macOS-specific security.

Key Capabilities

• Store and retrieve generic passwords using Keychain services.
• Manage certificates and identities for codesigning apps or verifying connections.
• Interact with Secure Enclave for storing keys that require hardware protection.
• Add, delete, or search items in Keychain with fine-grained access controls.
• Handle API key storage with encryption, ensuring data is isolated per user or app.

Usage Patterns

Always run security commands via subprocess in scripts, prefixing with security and using flags for operations. For programmatic access, use the Security framework in Swift/Objective-C. Check for Keychain access prompts and handle user interactions. Use environment variables like $KEYCHAIN_ITEM_NAME for dynamic inputs to avoid hardcoding secrets.