Agent-Skills.md

Agent Skills: sandbox-entitlements-auditor

Audit and recommend minimal sandbox entitlements for secure desktop applications

UncategorizedID: a5c-ai/babysitter/sandbox-entitlements-auditor

Repository

a5c-ai/babysitter
a5c-aiLicense: MIT
244

Install this agent skill to your local

pnpm dlx add-skill https://github.com/a5c-ai/babysitter/tree/HEAD/plugins/babysitter/skills/babysit/process/specializations/desktop-development/skills/sandbox-entitlements-auditor

Skill Files

Browse the full folder contents for sandbox-entitlements-auditor.

Download Skill

Loading file tree…

plugins/babysitter/skills/babysit/process/specializations/desktop-development/skills/sandbox-entitlements-auditor/SKILL.md

Skill Metadata

Name
sandbox-entitlements-auditor
Description
Audit and recommend minimal sandbox entitlements for secure desktop applications

sandbox-entitlements-auditor

Audit existing entitlements and recommend minimal sandbox permissions for secure desktop applications, primarily for macOS but applicable concepts for other platforms.

Capabilities

  • Analyze current entitlements usage
  • Detect over-permissioned configurations
  • Recommend minimal entitlement sets
  • Check for security anti-patterns
  • Verify MAS compliance
  • Generate audit reports

Input Schema

{
  "type": "object",
  "properties": {
    "projectPath": { "type": "string" },
    "entitlementsPath": { "type": "string" },
    "targetDistribution": { "enum": ["mas", "direct", "both"] }
  },
  "required": ["projectPath"]
}

Audit Checks

  • Unnecessary file system access
  • Broad network permissions when not needed
  • Hardened runtime exceptions
  • JIT compilation allowance
  • Library validation disabling

Related Skills

  • macos-entitlements-generator
  • security-hardening process