rshankras/release-review
skills/release-review/SKILL.md
Senior developer-level release review for macOS/iOS apps. Identifies security, privacy, UX, and distribution issues with actionable fixes. Use when preparing an app for release, want a critical review, or before App Store submission.
$ install --global
skillsauthnpx skillsauth add rshankras/claude-code-apple-skills release-reviewInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 11, 2026, 10:44 PM4.6s6 files scanned
SKILL.md
- name:
- release-review
- description:
- Senior developer-level release review for macOS/iOS apps. Identifies security, privacy, UX, and distribution issues with actionable fixes. Use when preparing an app for release, want a critical review, or before App Store submission.
- allowed-tools:
- [Read, Glob, Grep]
Release Review for Apple Platforms
Performs a comprehensive pre-release audit of macOS and iOS applications from a senior developer's perspective. Identifies critical issues that could cause rejection, security vulnerabilities, privacy concerns, and UX problems—with actionable fixes.
When This Skill Activates
Use this skill when the user:
- Says "review for release", "release review", or "pre-release audit"
- Asks for "senior developer review" or "critical review"
- Mentions preparing for "App Store", "TestFlight", or "notarization"
- Wants to know what "power users might complain about"
- Asks to "review before shipping" or "check before release"
Review Process
Phase 1: Project Discovery
First, understand the project:
# Find project type
Glob: **/*.xcodeproj or **/*.xcworkspace
Glob: **/Info.plist
Glob: **/project.pbxproj
Identify:
- Platform (macOS, iOS, or both)
- App type (standard app, menu bar app, widget, extension)
- Distribution method (App Store, direct download, TestFlight)
Phase 2: Security Review
Load and apply: security-checklist.md
Key areas:
- Credential storage (Keychain patterns, no hardcoded secrets)
- Data transmission (HTTPS, certificate validation)
- Input validation (injection prevention)
- Entitlements audit
- Hardened runtime (macOS)
Phase 3: Privacy Review
Load and apply: privacy-checklist.md
Key areas:
- Data collection transparency
- Privacy manifest (iOS 17+)
- User consent flows
- Third-party SDK disclosure
- GDPR compliance basics
Phase 4: UX Polish Review
Load and apply: ux-polish-checklist.md
Key areas:
- First launch / onboarding
- Empty states and error handling
- Loading states
- Text truncation and accessibility
- Platform-specific UX patterns
Phase 5: Distribution Review
Load and apply: distribution-checklist.md
Key areas:
- Bundle identifier format
- Code signing configuration
- Info.plist completeness
- App icons
- Platform-specific requirements (notarization, App Store)
Phase 6: API Design Review
Load and apply: api-design-checklist.md
Key areas:
- User-Agent headers (honest identification)
- Error handling patterns
- Token expiration handling
- Rate limiting
- Offline handling
Output Format
Present findings in this structure:
# Release Review: [App Name]
**Platform**: macOS / iOS / Universal
**Distribution**: App Store / Direct Download / TestFlight
**Review Date**: [Date]
## Summary
| Priority | Count |
|----------|-------|
| Critical | X |
| High | X |
| Medium | X |
| Low | X |
---
## 🔴 Critical Issues (Must Fix)
Issues that will cause rejection, crashes, or security vulnerabilities.
### [Category]: [Issue Title]
**File**: `path/to/file.swift:123`
**Impact**: [Why this matters]
**Current Code**:
```swift
// problematic code
Suggested Fix:
// fixed code
🟠 High Priority (Should Fix)
Issues that significantly impact user experience or trust.
[Same format as above]
🟡 Medium Priority (Fix Soon)
Issues that should be addressed but won't block release.
[Same format as above]
🟢 Low Priority / Suggestions
Nice-to-have improvements and polish.
[Same format as above]
✅ Strengths
What the app does well:
- [Strength 1]
- [Strength 2]
- [Strength 3]
Recommended Action Plan
- [Critical] [First thing to fix]
- [Critical] [Second thing to fix]
- [High] [Third thing to fix] ...
## Priority Classification
### 🔴 Critical
- Security vulnerabilities (credential exposure, injection)
- Crashes or data loss scenarios
- App Store rejection causes
- Privacy violations
- Hardcoded secrets or spoofed identifiers
### 🟠 High
- Poor error handling (silent failures)
- Missing user consent or transparency
- Accessibility blockers
- Missing required Info.plist keys
- Broken functionality
### 🟡 Medium
- Incomplete onboarding
- Suboptimal UX patterns
- Missing empty states
- Performance concerns
- Minor accessibility issues
### 🟢 Low
- Code style improvements
- Additional features
- Polish and refinement
- Documentation improvements
## Platform-Specific Considerations
### macOS
- Menu bar app window activation (`NSApp.activate`)
- Sandbox exceptions justification
- Notarization requirements
- Hardened runtime
- Developer ID signing
- DMG/installer considerations
### iOS
- App Tracking Transparency
- Privacy nutrition labels
- Launch screen requirements
- Export compliance
- In-app purchase requirements
- TestFlight configuration
## References
- **security-checklist.md** - Detailed security review items
- **privacy-checklist.md** - Privacy and data handling
- **ux-polish-checklist.md** - User experience review
- **distribution-checklist.md** - Release and distribution
- **api-design-checklist.md** - Network and API patterns
Related Skills
rshankras/run-device
development
VerifiedTrustedCommunity
Build, install, and launch an iOS app on a physical iPhone or iPad entirely from the command line (no Xcode GUI), using xcodebuild + devicectl. Use when the user wants to run, test, or screenshot their app on a real device without opening Xcode.
385SKILL.mdUpdated Jun 4, 2026
rshankras/ios-development
development
VerifiedTrustedCommunity
Comprehensive iOS development guidance including Swift best practices, SwiftUI patterns, UI/UX review against HIG, and app planning. Use for iOS code review, best practices, accessibility audits, or planning new iOS apps.
385SKILL.mdUpdated Apr 11, 2026
rshankras/run-simulator
development
VerifiedTrustedCommunity
Build, install, launch, and screenshot an iOS app in the Simulator to verify a change visually. Use when the user wants to run the app, see a change live, screenshot the running app, or confirm a UI fix actually works (not just that it compiles).
381SKILL.mdUpdated Jun 3, 2026
rshankras/skill-auditor
development
VerifiedTrustedCommunity
Audits skills in this repo for consistency, API drift, and structural gaps. Produces a prioritized report grouped by severity (Critical/High/Medium/Low). Use when asked to "audit skills", "check the skill repo for drift", or when planning bulk skill cleanup. Read-only — does not apply fixes.
196SKILL.mdUpdated Apr 20, 2026