applescript_skill
- Shell
25
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill martinholovsky/claude-skills-generator --skill applescript- SKILL.md14.7 KB
Overview
This skill is an expert AppleScript and JXA (JavaScript for Automation) toolkit for secure macOS system scripting. It focuses on safe script composition, controlled osascript execution, and automation patterns that minimize security and stability risks. It is explicitly designed for high-risk environments and enforces strict input filtering and execution controls.
How this skill works
The skill inspects AppleScript and JXA code for blocked patterns, disallowed application access, and unsafe shell usage before executing via osascript or compiled scripts. It provides helpers to safely interpolate inputs, build allowlisted shell invocations, cache compiled scripts, and run with timeouts and audit logging. It also validates application dictionaries to ensure target apps are scriptable and not on a blocklist.
When to use it
- Automating interactions with scriptable macOS applications while enforcing security controls
- Running repeatable system tasks that must not escalate privileges or download code
- Embedding AppleScript/JXA operations inside backend tooling with strict input validation
- Batching GUI or System Events operations to improve performance without activating apps
- Testing and validating automation flows with TDD before deployment
Best practices
- Always sanitize and escape all untrusted inputs; use quoted form of for shell args
- Block dangerous patterns (sudo, rm -rf, curl | sh) and disallowed apps (keychains, password managers)
- Enforce execution timeouts and comprehensive audit logging for every run
- Prefer compiled/cached scripts or batch scripts to reduce repeated osascript invocations
- Use allowlists for shell commands and validate app dictionaries before calling
Example use cases
- Safely automate Finder or Mail tasks that involve file moves or metadata updates
- Batch window management and UI interactions without repeatedly activating apps
- Run controlled system queries (whoami, date, ls) from automation with argument quoting
- Validate whether an app is scriptable before building automation workflows
- Integrate JXA snippets for modern JavaScript-based automation with blocked-shell protection
FAQ
No. Never execute arbitrary user scripts. Use templates, sanitize parameters, and check blocked patterns before execution.
How are shell commands restricted?
Shell commands must be allowlisted and all arguments quoted or passed via quoted form of. Administrator privilege requests are blocked.
How does the skill prevent privilege escalation?
It detects and blocks patterns requesting administrator privileges, disallows do shell script with admin, and enforces application blocklists.