SKILL: macOS Process Injection — Expert Attack Playbook

AI LOAD INSTRUCTION: Expert macOS process injection techniques. Covers DYLD_INSERT_LIBRARIES, dylib hijacking (weak/rpath/proxy), XPC PID reuse attacks, Mach port manipulation, MIG abuse, and Electron injection. Base models miss entitlement prerequisites and SIP constraints on injection vectors.

0. RELATED ROUTING

Before going deep, consider loading:

• macos-security-bypass when you need to bypass TCC, Gatekeeper, or SIP protections blocking your injection
• linux-privilege-escalation for Unix-layer escalation (shared object hijacking concepts apply)

Advanced Reference

Also load DYLIB_XPC_TECHNIQUES.md when you need:

• Step-by-step dylib hijacking methodology with tooling commands
• XPC exploitation walkthrough with code examples
• Mach port technique details and task_for_pid patterns