Skillget

ipsw-skill

skill
Security Audit
Pass
Health Pass
  • License — License: MIT
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Community trust — 53 GitHub stars
Code Pass
  • Code scan — Scanned 2 files during light audit, no dangerous patterns found
Permissions Pass
  • Permissions — No dangerous permissions requested
Purpose
This skill provides AI coding agents (like Claude Code, Codex, and Gemini) with instructions to utilize the `ipsw` command-line tool for Apple firmware extraction and Mach-O binary reverse engineering.

Security Assessment
Overall Risk: Low. This tool is essentially a collection of Markdown files (SKILL.md and reference docs) that teach an AI agent how to interact with the external `ipsw` CLI. It does not contain executable code, hardcoded secrets, or dangerous permission requests. However, because the skill instructs the AI to run shell commands via the `ipsw` binary—such as downloading firmware, extracting files, and querying databases—it inherently requires the execution of local system commands and network requests. The risk depends entirely on the security and trustworthiness of the externally installed `ipsw` CLI, not the skill itself.

Quality Assessment
This is a highly maintained and reputable resource. It recently received updates (pushed to just days ago) and is licensed under the permissive and standard MIT license. Backed by 53 GitHub stars, the project demonstrates a solid baseline of community trust and validation among Apple security researchers and developers. Furthermore, a light code audit scanning 2 files found no dangerous patterns or malicious payloads.

Verdict
Safe to use.
SUMMARY

A SKILL.md for ipsw

README.md

ipsw-skill

An AI agent skill for Apple firmware and binary reverse engineering using the ipsw CLI tool.

Supports Claude Code, Codex CLI, and Gemini CLI.

What This Skill Provides

This skill empowers AI agents to assist with:

  • Downloading/extracting firmware - IPSWs, OTAs, kernelcaches, dyld_shared_cache
  • Userspace reverse engineering - DSC disassembly, symbol lookup, xrefs, string search
  • Dumping Objective-C headers from private frameworks
  • Kernel & KEXT analysis - extraction, syscalls, diffing between versions
  • Entitlements research - database queries, capability discovery
  • Mach-O binary analysis - signatures, entitlements, disassembly

Installation

Prerequisites

Install the ipsw CLI tool:

brew install blacktop/tap/ipsw

skills.sh

npx skills add https://github.com/blacktop/ipsw-skill --skill ipsw

Claude Code

Install from marketplace:

claude plugin marketplace add blacktop/ipsw-skill
claude plugin install ipsw

Or install manually:

git clone https://github.com/blacktop/ipsw-skill /tmp/ipsw-skill

# User-wide (available in all projects)
mv /tmp/ipsw-skill/ipsw ~/.claude/skills/ipsw

# Project-specific (check into your repo)
mv /tmp/ipsw-skill/ipsw .claude/skills/ipsw

Codex CLI

Use the built-in installer:

$skill-installer https://github.com/blacktop/ipsw-skill --path ipsw

Or install manually:

git clone https://github.com/blacktop/ipsw-skill /tmp/ipsw-skill

# User-wide
mv /tmp/ipsw-skill/ipsw ~/.codex/skills/ipsw

# Project-specific
mv /tmp/ipsw-skill/ipsw .codex/skills/ipsw

Note: Run Codex with --enable skills if skills aren't loading automatically.

Gemini CLI

Install the extension directly:

gemini extensions install https://github.com/blacktop/ipsw-skill

Usage Examples

Once installed, the agent will automatically use this skill for Apple RE tasks:

"Download the latest IPSW for iPhone 15 Pro and extract the kernel"

"Disassemble the _malloc function from the system dyld_shared_cache"

"Dump the Objective-C headers for SpringBoardServices"

"Find all binaries with the platform-application entitlement in iOS 18"

"What address is -[NSObject init] at in the DSC?"

"Find all xrefs to this function address"

Contents

ipsw-skill/
├── ipsw/                       # The skill (Claude Code / Codex / Gemini all read this)
│   ├── SKILL.md                # Main skill instructions
│   └── references/
│       ├── dyld.md             # DSC analysis (a2s, xref, dump, str)
│       ├── download.md         # Firmware download & extraction
│       ├── kernel.md           # Kernel & KEXT analysis
│       ├── macho.md            # Mach-O binary analysis
│       ├── class-dump.md       # ObjC header dumping
│       └── entitlements.md     # Entitlements database & queries
├── gemini-extension.json       # Gemini extension config
└── .claude-plugin/
    └── marketplace.json        # Claude marketplace config

Resources

License

MIT

Reviews (0)

No results found