Babysitter macos-codesign-workflow
Execute macOS code signing with Developer ID and hardened runtime requirements
install
source · Clone the upstream repo
git clone https://github.com/a5c-ai/babysitter
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/a5c-ai/babysitter "$T" && mkdir -p ~/.claude/skills && cp -r "$T/library/specializations/desktop-development/skills/macos-codesign-workflow" ~/.claude/skills/a5c-ai-babysitter-macos-codesign-workflow && rm -rf "$T"
manifest:
library/specializations/desktop-development/skills/macos-codesign-workflow/SKILL.mdsource content
macos-codesign-workflow
Execute macOS code signing with Developer ID certificates and hardened runtime. This skill handles the complete code signing process for macOS applications.
Capabilities
- Sign app bundles with Developer ID
- Configure hardened runtime
- Sign nested frameworks and binaries
- Configure entitlements
- Verify signatures
- Set up CI/CD signing
- Handle keychain management
Input Schema
{ "type": "object", "properties": { "appPath": { "type": "string" }, "identity": { "type": "string" }, "entitlements": { "type": "string" }, "hardenedRuntime": { "type": "boolean", "default": true } }, "required": ["appPath", "identity"] }
Signing Commands
# Sign app bundle with hardened runtime codesign --force --options runtime --timestamp \ --entitlements MyApp.entitlements \ --sign "Developer ID Application: Company Name (TEAMID)" \ MyApp.app # Sign nested components first find MyApp.app -name "*.dylib" -o -name "*.framework" | \ xargs -I {} codesign --force --options runtime --timestamp \ --sign "Developer ID Application: Company Name (TEAMID)" {} # Verify signature codesign --verify --deep --strict --verbose=2 MyApp.app spctl --assess --type execute --verbose MyApp.app
Related Skills
macos-notarization-workflowmacos-entitlements-generator