seatbelt-sandboxer

Summary

Generate minimal, allowlist-based macOS Seatbelt sandbox profiles for application isolation.

  • Profiles restrict file, network, process, and IPC access through deny-all defaults with explicit allowlists across 15+ resource categories
  • Includes step-by-step profiling methodology: identify requirements, start minimal, add file/network access, test iteratively with sandbox-exec
  • Supports parameter substitution (HOME, WORKING_DIR) and path filters (subpath, literal, regex) for flexible configuration
  • Handles multi-command applications by creating separate profiles per subcommand with a helper script dispatcher
  • Provides network isolation options: block all, localhost-only, or unrestricted; includes common failure modes and fixes
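As an added illustration of the profile style the summary describes (not a profile shipped with the skill), a deny-by-default SBPL profile that uses the HOME and WORKING_DIR parameters, all three path-filter kinds, and the localhost-only network option; the tool's binary path, its `.toolrc` file and the `out/` directory layout are assumptions:

```scheme
;; Added example, not from the skill itself. The binary path, .toolrc and
;; the out/ directory are assumptions for illustration.
;; Load with parameters substituted at run time:
;;   sandbox-exec -D HOME="$HOME" -D WORKING_DIR="$PWD" -f tool.sb /usr/local/bin/tool
(version 1)

;; Allowlist model: everything not explicitly allowed below is denied.
(deny default)

;; Process: only the one binary, fork, and signals to itself.
(allow process-exec (literal "/usr/local/bin/tool"))
(allow process-fork)
(allow signal (target self))

;; Shared libraries and system files every dynamically linked binary needs;
;; leaving these out is the usual cause of the process dying at launch.
(allow file-read* (subpath "/usr/lib") (subpath "/System/Library"))
(allow file-read-metadata (literal "/") (literal "/usr") (literal "/private"))
(allow sysctl-read)

;; Null and random devices.
(allow file-read* file-write-data (literal "/dev/null"))
(allow file-read* (literal "/dev/urandom"))

;; subpath: read-only access to the whole working tree.
(allow file-read* (subpath (param "WORKING_DIR")))
;; Writes are confined to a single output directory inside it.
(allow file-write* (subpath (string-append (param "WORKING_DIR") "/out")))
;; literal: exactly one config file, not the rest of $HOME.
(allow file-read* (literal (string-append (param "HOME") "/.toolrc")))
;; regex: only tool-*.log files in the temp directory. Filters are matched
;; against real paths, so /tmp must be written as /private/tmp.
(allow file-write* (regex #"^/private/tmp/tool-[^/]+\.log$"))

;; Network: localhost-only. Remove both lines for "block all";
;; replace them with (allow network*) for unrestricted.
(allow network-outbound (remote ip "localhost:*"))
(allow network-inbound (local ip "localhost:*"))
```

When the tool fails under the profile, the kernel logs each refusal as a `deny(1) <operation> <path>` message in the unified log, which tells you exactly which allow line to add next.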
SKILL.md

macOS Seatbelt Sandbox Profiling

Generate minimally permissioned, allowlist-based Seatbelt sandbox configurations for applications.

When to Use

  • User asks to "sandbox", "isolate", or "restrict" an application on macOS
  • Sandboxing any macOS process that needs restricted file/network access
  • Creating defense-in-depth isolation when supply-chain attacks are a concern

When NOT to Use

  • Linux containers (use seccomp-bpf, AppArmor, or namespaces instead)
  • Windows applications
  • Applications that legitimately need broad system access
  • Quick one-off scripts where sandboxing overhead isn't justified

Profiling Methodology

Installs: 1.7K
GitHub Stars: 5.1K
First Seen: Feb 26, 2026