This is a comprehensive playbook for injecting code into macOS processes using DYLD_INSERT_LIBRARIES, dylib hijacking (weak/rpath/proxy variants), XPC service exploitation, and Mach port manipulation. You'd use this when pentesting macOS apps or researching privilege escalation vectors. The skill covers the critical details base models miss, like which binaries accept DYLD environment variables (hardened runtime blocks them unless explicitly entitled), how PID reuse attacks work against poorly validated XPC services, and why audit tokens matter more than PIDs for validation. It's thorough on both technique and constraints, with tables showing exactly what works against SIP-protected binaries versus sandboxed apps. The practical code snippets and one-liners for finding injectable targets make it immediately actionable.
npx skills add https://github.com/yaklang/hack-skills --skill macos-process-injection