Audit App Store Readiness
by @tristanmanchester
Audit an iOS app repo (Swift/Xcode or React Native/Expo) for App Store compliance and release readiness; output a pass/warn/fail report and publish checklist.
clawhub install auditing-appstore-readiness📖 About This Skill
name: auditing-appstore-readiness description: Audit an iOS app repo (Swift/Xcode or React Native/Expo) for App Store compliance and release readiness; output a pass/warn/fail report and publish checklist. metadata: {"openclaw":{"emoji":"🧾","requires":{"bins":["git"]}}}
App Store Readiness Audit
This skill reviews an app repository and produces a release readiness report for iOS App Store / TestFlight submission.
It supports:
Quick start (recommended)
Run the read‑only audit script from the repo root:
{ "tool": "exec", "command": "node {baseDir}/scripts/audit.mjs --repo . --format md" }
If you want JSON output as well:
{ "tool": "exec", "command": "node {baseDir}/scripts/audit.mjs --repo . --format md --json audit.json" }
If the repo is a monorepo, point at the app directory:
{ "tool": "exec", "command": "node {baseDir}/scripts/audit.mjs --repo apps/mobile --format md" }
Output contract
Always return:
Use: references/report-template.md
Safety rules (don’t break the repo)
Default to read‑only commands. Do not run commands that modify the workspace unless:
Examples of mutating commands:
npm i, yarn, pnpm i, pod install)expo prebuild)fastlane match)xcodebuild archive, eas build) — creates artefacts and may require signingIf you must run a mutating command, label it clearly as MUTATING before running.
Main workflow
1) Identify the repo and project flavour
Prefer scripted detection (audit.mjs). If doing manually:
package.json contains expo and app.json / app.config.* existspackage.json contains react-native and ios/ exists*.xcodeproj or *.xcworkspace existsIf multiple apps exist, pick the one matching the user’s intent; otherwise pick the directory with:
ios//Info.plist , and.xcodeproj or .xcworkspace near the root.2) Run static compliance checks (works everywhere)
Run these checks even without Xcode:
PrivacyInfo.xcprivacy) or explicitly accounted for
- Permission usage strings present when relevant (camera, location, tracking, etc.)
- Avoid broad ATS exemptions (NSAllowsArbitraryLoads)
The script outputs PASS/WARN/FAIL for these.
3) Run build‑accuracy checks (macOS + Xcode, optional but high confidence)
Only if you have Xcode available (local macOS gateway or a paired macOS node).
Recommended sequence (creates build artefacts):
1) Show Xcode + SDK versions: { "tool": "exec", "command": "xcodebuild -version" }
2) List schemes (project/workspace as detected):
{ "tool": "exec", "command": "xcodebuild -list -json -workspace
3) Release build for simulator (fast, avoids signing): { "tool": "exec", "command": "xcodebuild -workspace <...> -scheme <...> -configuration Release -sdk iphonesimulator -destination 'platform=iOS Simulator,name=iPhone 15' build" }
4) If you need a distribution artefact (MUTATING / signing):
xcodebuild archive + xcodebuild -exportArchiveIf build checks aren’t possible, the report must explicitly say so and keep the verdict at WARN (unless there are definite FAIL items).
4) Produce the final readiness report
Manual checks the agent cannot fully verify
Always include these as a final checklist section (even if automated checks pass):
See: references/manual-checklist.md
When the user asks “make it compliant”
Switch to fix mode:
1) Identify failing items that can be fixed safely in‑repo (Info.plist strings, PrivacyInfo.xcprivacy template, ATS exceptions tightening, etc.)
2) Propose minimal patches and apply with apply_patch
3) Re‑run audit.mjs and update the report