etanhey/mac-systems
skills/golem-powers/mac-systems/SKILL.md
macOS systems specialist — AppKit NSPanel architecture, launchd services, socket activation, MCP bridge resilience, syspolicyd, and high-frequency SwiftUI dashboards. Use when building menu-bar apps, LaunchAgents, debugging syspolicyd/Gatekeeper/TCC, resilient UDS/MCP bridges, or SwiftUI dashboards at 10Hz+.
$ install --global
skillsauthnpx skillsauth add etanhey/golems mac-systemsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Jun 7, 2026, 3:06 AM13.4s1 file scanned
SKILL.md
- name:
- mac-systems
- description:
- macOS systems specialist — AppKit NSPanel architecture, launchd services, socket activation, MCP bridge resilience, syspolicyd, and high-frequency SwiftUI dashboards. Use when building menu-bar apps, LaunchAgents, debugging syspolicyd/Gatekeeper/TCC, resilient UDS/MCP bridges, or SwiftUI dashboards at 10Hz+.
mac-systems
macOS systems specialist for low-level AppKit, launchd, security policy, resilient networking, and SwiftUI dashboard architecture.
When to Use
- Building or fixing menu bar apps (NSStatusItem, NSPanel, NSPopover migration)
- Configuring LaunchAgents/LaunchDaemons
- Debugging syspolicyd, Gatekeeper, TCC, or codesigning issues
- Implementing resilient Unix Domain Socket bridges (especially for MCP)
- Architecting high-frequency SwiftUI dashboards (10Hz+) on macOS
- Working with launchd socket activation for zero-downtime restarts
Mechanical Environment Truths (hard-won — gen-12 weave E14)
One-liners every worker and launchd plist author must internalize:
- Tailnet IP bind ban — NEVER hardcode tailnet IPs in launchd plists or worker-prompt URLs. Bind
127.0.0.1/ loopback or resolve at start. Three live catches: Phoenix phantom listener (two eras), W10 dead:8852URL. - Codex detached-child reap — Codex
execreaps detached children (&/nohupdie).launchctl submitis the surviving detach path; clean up leftover runners after. - pipefail + early-exit consumer — Under
set -o pipefail, piping into an early-exit consumer (awk '{exit}') SIGPIPE-kills the producer (exit 141). Buffer first, then consume. See/shell-hardening. - zsh read-only specials — Never use zsh read-only specials (
status, etc.) as variable names. - nvm FUNCNEST in profiles —
voicelayer-profilenodehits nvm_lazy_nvmFUNCNEST recursion — use bun for profile scripts. - CloudStorage read bounds — Bound any read of
~/Library/CloudStorage— cloud-only placeholders hang naivetar/read. - Host-identity check first — Machine-named tasks: verify current-host vs target-host identity BEFORE acting ("What you're on is the M4 Max. I was asking about the M1 Pro.").
- Computer-use fallback ladder — When CU fails on a UI element: element click → coords →
osascriptSystem Events AX → keystroke.
Core Knowledge
1. Menu Bar App Architecture (NSPopover → NSPanel)
NSPopover is wrong for dashboard-class UIs. It causes:
- White flash on Sonoma/Sequoia/Tahoe (Apple regression in popover composition)
- No resize persistence
- View hierarchy teardown on every dismiss (kills @State)
- No right-click, drag, modifier-click, or programmatic show/hide
The correct primitive: NSStatusItem + custom NSPanel + NSHostingView.
Every serious menu-bar app uses this: Ice, Stats, Raycast, 1Password mini, Bartender, iStatMenus, CleanShot X, Alfred, MonitorControl.
NSPanel Recipe
final class DashboardPanel: NSPanel {
init<V: View>(rootView: V) {
super.init(
contentRect: NSRect(x: 0, y: 0, width: 520, height: 620),
styleMask: [.titled, .closable, .resizable, .fullSizeContentView,
.nonactivatingPanel, .utilityWindow],
backing: .buffered, defer: false
)
titlebarAppearsTransparent = true
titleVisibility = .hidden
isFloatingPanel = true
level = .statusBar
hidesOnDeactivate = false
becomesKeyOnlyIfNeeded = true
collectionBehavior = [.canJoinAllSpaces, .fullScreenAuxiliary, .transient]
animationBehavior = .utilityWindow // THE flash fix
isMovableByWindowBackground = false
hasShadow = true
isOpaque = false
backgroundColor = .clear
let effect = NSVisualEffectView()
effect.material = .menu
effect.state = .active
effect.blendingMode = .behindWindow
effect.wantsLayer = true
effect.layer?.cornerRadius = 10
effect.layer?.masksToBounds = true
let host = NSHostingView(rootView: rootView)
host.sizingOptions = [.preferredContentSize]
host.translatesAutoresizingMaskIntoConstraints = false
effect.addSubview(host)
NSLayoutConstraint.activate([
host.leadingAnchor.constraint(equalTo: effect.leadingAnchor),
host.trailingAnchor.constraint(equalTo: effect.trailingAnchor),
host.topAnchor.constraint(equalTo: effect.topAnchor),
host.bottomAnchor.constraint(equalTo: effect.bottomAnchor),
])
contentView = effect
}
override var canBecomeKey: Bool { true }
override var canBecomeMain: Bool { false }
}
Seven Anti-Flash Measures
animationBehavior = .utilityWindow— subtle fade instead of scale-in- Pre-create panel at launch, not on first click
setContentSize(...)before firstmakeKeyAndOrderFrontisOpaque = false+backgroundColor = .clear+NSVisualEffectViewwantsLayer = trueon hosting viewclipsToBounds = trueon Sonoma+NSHostingView.sizingOptions = [.preferredContentSize](macOS 13.3+)
2. LaunchAgents & LaunchDaemons
See mechanical truth #1 (loopback bind) and #2 (launchctl submit for Codex detach).
launchctl Commands (macOS 10.10+)
# Load/enable
launchctl bootstrap gui/$(id -u) ~/Library/LaunchAgents/com.example.myservice.plist
# Unload/disable
launchctl bootout gui/$(id -u)/com.example.myservice
# Status
launchctl print gui/$(id -u)/com.example.myservice
# Detached one-shot (survives Codex exec reap — preferred over bare nohup &)
launchctl submit -l com.example.oneshot -- /path/to/script.sh
3. Security — syspolicyd, Gatekeeper, TCC
# Watch syspolicyd in real time
/usr/bin/log stream --predicate 'subsystem == "com.apple.syspolicy"' --level debug
# ⚠️ In scripted zsh, ALWAYS invoke /usr/bin/log absolutely — zsh has a `log` builtin that
# shadows it and exits 0 with no output, silently fabricating "no log entries" conclusions.
References
- R1 BrainBar UX Research:
~/Gits/orchestrator/docs.local/research/R1-claude-desktop-macos-menubar-ux-FULL.md - MCP Reconnection Research:
~/Gits/orchestrator/docs.local/research/mcp-reconnection-research.md /shell-hardening— pipefail/SIGPIPE section pairs with mechanical truth #3
Related Skills
etanhey/phoenix-human-view
tools
VerifiedTrustedCommunity
The human-eval UX contract for Phoenix views: turn-by-turn scrollable replay (not a scorecard), hide-but-copyable IDs, collapsed thinking, identity chips, tool filters, tiny frozen starter datasets, mark-wrong-in-thread, mobile-first. Use when: building or reviewing ANY Phoenix/eval view, annotation UI, session replay, or human-grading surface. Triggers: phoenix view, eval UI, annotation view, session replay, human eval UX, grading interface. NOT for: Phoenix data pipelines/ingest (capture scripts have their own specs).
3SKILL.mdUpdated Jun 7, 2026
etanhey/judge-fleet
development
VerifiedTrustedCommunity
Bulk LLM-judging protocol for fleet-dispatched verdict runs (KG cluster, eval harness). Use when: dispatching or running judge workers (J1/J2/RT), planning bulk-apply from verdict JSONL, or triaging evidence_degraded outputs. Triggers: judge fleet, bulk judge, R3 verdicts, kg-judge, RT gate, evidence_degraded. NOT for: single-item code review, Phoenix view UX (use phoenix-human-view), or non-judge eval pipelines.
3SKILL.mdUpdated Jun 7, 2026
etanhey/fleet-wrap
development
VerifiedTrustedCommunity
Quiet-down protocol for sprint close: when the fleet wraps, delete ALL polling crons and monitors, send ONE final dashboard + ONE message, then go SILENT. Use when: fleet wraps, all workers done, overnight queue exhausted, sprint close, Etan asleep/away with nothing approved left. Triggers: fleet wrap, wrap the fleet, stand down, going quiet, sprint close. NOT for: mid-sprint monitoring (keep your loops), spawning a successor (use /session-handoff first).
3SKILL.mdUpdated Jun 7, 2026
etanhey/drive-usage
development
VerifiedTrustedCommunity
Brain Drive filing discipline — where every artifact goes + how to name it. Use WHENEVER touching Google Drive / Brain Drive: uploading, creating folders, saving research prompts/results, audits, plans, transcripts, dashboards, or when about to leave a durable artifact in docs.local/. Teaches the numbered folder model (01_STANDARDS / 02_GROUNDING / 03_RESEARCH / 04_INGEST / 06_ARCHIVE), date-prefixed naming, and the rule: FILE durable artifacts in the right Drive folder — docs.local/ is cache-only. NOT for querying Drive via Gemini (use /braindrive) or web research (use /gemini-research); for >100KB heavy archival defer to /google-drive-archive.
3SKILL.mdUpdated Jun 7, 2026