Skill

signing-entitlements

Inspect signing, entitlements, hardened runtime, and Gatekeeper issues for macOS apps. Use when asked to diagnose code signing failures, missing entitlements, sandbox problems, notarization prerequisites, or trust-policy launch errors.

npx claudepluginhub robinebers/converted-plugins --plugin build-macos-apps

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/build-macos-apps:signing-entitlements

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Use this skill when the failure smells like codesigning rather than compilation:

SKILL.md

59 lines · ~468 tokens

Similar Skills

using-superpowers

193.2k

Mandates invoking relevant skills via tools before any response in coding sessions. Covers access, priorities, and adaptations for Claude Code, Copilot CLI, Gemini CLI.

3 files

superpowers

Stats

LanguagePython

Parent stars0

MaintenanceGood

Last CommitMay 17, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

Signing & Entitlements

Quick Start

Use this skill when the failure smells like codesigning rather than compilation: launch refusal, missing entitlement, invalid signature, sandbox mismatch, hardened runtime confusion, or trust-policy rejection.

Workflow

Inspect the bundle or binary.

Locate the .app or executable.
Identify the main binary inside Contents/MacOS/.

Read signing details.

Use codesign -dvvv --entitlements :- <path>.
Use spctl -a -vv <path> when Gatekeeper behavior matters.
Use plutil -p for entitlements or Info.plist inspection.

Classify the failure.

Unsigned or ad hoc signed
Wrong identity
Entitlement mismatch
Hardened runtime issue
App Sandbox issue
Nested code signing issue
Distribution/notarization prerequisite issue

Explain the minimum fix path.

Say exactly what is wrong.
Show the shortest set of validation or repair commands.
Distinguish local development problems from distribution problems.

Useful Commands

codesign -dvvv --entitlements :- <app-or-binary>

spctl -a -vv <app-or-binary>

security find-identity -p codesigning -v

plutil -p <path-to-entitlements-or-plist>

Guardrails

Never invent missing entitlements.

Do not conflate notarization with local debug signing.

If the real issue is a build setting or provisioning profile, say so directly.

Output Expectations

Provide:

what artifact was inspected

what signing state it is in

the exact failure class

the minimum fix or validation sequence