macos-security

Purpose

This skill enables the AI agent to manage macOS security features, including XProtect for malware detection, MRT for removal, TCC for privacy permissions, quarantine attributes, code signing validation, and security audits. Use it to harden macOS systems against threats and ensure compliance.

When to Use

Apply this skill during system hardening routines, app deployment checks, privacy audits, or malware scans. Use it for new macOS setups, software installations, or when troubleshooting security issues like unauthorized app access or unsigned binaries.

Key Capabilities

• Detect malware via XProtect by querying the latest definitions and scanning files.
• Run MRT to remove known threats from the system.
• Manage TCC permissions to control app access to sensitive data like camera or contacts.
• Inspect and remove quarantine flags on downloaded files to allow execution.
• Validate code signing for apps to ensure they are from trusted developers.
• Perform security audits using system logs to identify potential breaches.

Usage Patterns

Invoke this skill in scripts for automated hardening, e.g., during VM provisioning or CI/CD pipelines for macOS apps. Use it reactively for incident response or proactively in scheduled tasks. For AI agents, call it via function wrappers that handle macOS-specific commands, ensuring elevated privileges with sudo where needed. Pattern: Check security status first, then apply fixes.