Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From terminal
Queries macOS quarantine SQLite database to trace file download origins, apps, URLs, dates, and perform audits. Useful for security reviews, source lookups, and history clearing.
npx claudepluginhub nathanvale/side-quest-marketplace-old --plugin terminalHow this skill is triggered — by the user, by Claude, or both
Slash command
/terminal:quarantineThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Query the macOS quarantine database to understand where files came from.
Diagnoses macOS issues: kernel panics, failing drives, slow boot, TCC permission denials, APFS snapshot bloat, wake failures, launchd audits, and startup item triage via logs, diskutil, and sysdiagnose.
Executes threat hunting queries using SentinelOne PowerQuery on Singularity Data Lake, explains pipeline syntax, manages time ranges with get_timestamp_range and iso_to_unix_timestamp, analyzes results.
Extracts and analyzes browser history, cookies, cache, downloads, and bookmarks from Chrome, Firefox, and Edge for forensic evidence of user web activity.
Share bugs, ideas, or general feedback.
Query the macOS quarantine database to understand where files came from.
Use this skill when users ask about:
| Tool | Description | Destructive |
|---|---|---|
quarantine_recent | Recent downloads | No |
quarantine_search_app | Search by app name | No |
quarantine_search_url | Search by URL pattern | No |
quarantine_by_date | Filter by date range | No |
quarantine_apps | Apps ranked by download count | No |
quarantine_audit_week | Weekly audit summary | No |
quarantine_oldest | Oldest download record | No |
quarantine_clear | Clear history (requires confirm) | YES |
Recent downloads:
quarantine_recent({ limit: 20 })
Find Safari downloads:
quarantine_search_app({ name: "Safari" })
Downloads from GitHub:
quarantine_search_url({ pattern: "github.com" })
Weekly audit:
quarantine_audit_week()
Clear history (DANGEROUS):
quarantine_clear({ confirm: true })
~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2