guide-macos-spm-packaging

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes several utility scripts (package_app.sh, compile_and_run.sh, launch.sh) that automate the software development lifecycle on macOS. These scripts use standard development tools: swift for compilation, codesign for code signing, and lipo for creating universal binaries.
  • [EXTERNAL_DOWNLOADS]: The workflow references standard external dependencies such as the Sparkle framework for app updates and Apple's notarization tools (xcrun notarytool). These are well-known, legitimate services used by macOS developers.
  • [CREDENTIALS_UNSAFE]: The scripts for signing and notarization (sign-and-notarize.sh, make_appcast.sh) are designed to ingest sensitive credentials like App Store Connect API keys and private signing keys via environment variables. This approach is consistent with industry-standard secret management practices for build automation.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 12, 2026, 10:50 AM