bgclick-rev

Solid

Reverse-engineer a macOS GUI automation app's background-click path and produce a Swift reproduction. Use only when the user provides a target .app and explicitly asks for IDA-backed background-click reverse engineering. Requires IDA Pro with IDA MCP attached.

AI & Automation 146 stars 3 forks Updated 2 days ago Apache-2.0

Install

View on GitHub

Quality Score: 87/100

Stars 20%
72
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Background-Click Reverse Engineering Use this skill only for research on a user-provided macOS `.app`. If IDA Pro or IDA MCP is unavailable, stop early and explain the blocker. Do not modify Uni-CLI source code from this skill; write research artifacts and reproduction code only after the binary evidence is gathered. ## Outputs Create a research bundle under `<workspace>/research/`: - `SHARED-CONTEXT.md` with target paths, bundle IDs, signing status, IDA MCP instance mapping, and priors to verify. - `findings/<phase-or-question>.md` for call-site maps and open questions. - `sub_<addr>-<label>.md` for every decompiled function used as evidence. - `frame-map.md` for Swift async task-frame offsets. - `FINAL-REPORT.md` with behavior spec, evidence table, reproduction diff, and VM test plan. If asked to build a reproduction, add: - `Sources/<Module>/BackgroundClicker.swift` - `EchoApp/main.swift` - `impl-research.md` with empirical VM runs. ## Priors To Verify Treat these as hypotheses until confirmed in the target binary: - Events are posted with `CGEvent.postToPid(_:)`. - The synthetic event starts as `NSEvent.mouseEvent(...)`, then uses `event.cgEvent`. - Explicit integer fields are `3` button, `7` subtype value `3`, `91` window under pointer, and `92` window that can handle the event. - Screen location is set, read back, translated by the target window origin, and written with `CGEventSetWindowLocation` resolved by `dlsym`. - Background targets receive `CGEventFlags...

Details

Author
olo-dot-io
Repository
olo-dot-io/Uni-CLI
Created
2 months ago
Last Updated
2 days ago
Language
TypeScript
License
Apache-2.0

Integrates with

OpenAI · AI

Similar Skills

Semantically similar based on skill content — not just same category

Data & Documents Listed

ida-reverse-engineering

Drive IDA Pro through the IDA Pro MCP like a senior reverse engineer: don't just narrate decompiler output, transform the database. Use this whenever the user is reverse engineering, analyzing malware, working a crackme or CTF, or doing binary/firmware analysis with IDA Pro over an MCP connection (mrexodia/ida-pro-mcp or idalib-mcp) — and especially when the agent keeps guessing at raw pseudocode instead of renaming functions and variables, defining structs, fixing types, and adding comments. Covers the iterative cleanup loop, anti-hallucination rules (always use int_convert; read real bytes/strings/xrefs), a triage/deobfuscation/library-resolution pre-pass, a definition-of-done, game-binary reversing (Unity/IL2CPP, Unreal, RTTI, anti-cheat/DRM), and bundled IDAPython scripts. Trigger even if the user only says "reverse engineer this binary", "clean up this IDB", "make this pseudocode readable", "dump the Unity/Unreal SDK", "reverse this game", or names IDA tools, without saying the word "skill".

0 Updated yesterday
Newmcpe
AI & Automation Solid

app-control

Drive a specific named macOS app via raw input bypassing the Accessibility tree

648 Updated today
vellum-ai
Data & Documents Listed

binary-re

This skill should be used when analyzing binaries, executables, or bytecode to understand what they do or how they work. Triggers on "binary", "executable", "ELF", "what does this do", "reverse engineer", "disassemble", "decompile", "pyc file", "python bytecode", "analyze binary", "figure out", "marshal". Routes to sub-skills for triage, static analysis, dynamic analysis, synthesis, or tool setup.

353 Updated today
aiskillstore