Jamf Script Safety Reviewer
by LB Creations
Review Jamf and Kandji scripts for safer user context, prompts, logging, and rollout readiness.
- Validate console-user detection logic for Self Service scripts.
- Identify and redact accidental credential logging in MDM policies.
- Translate Jamf-specific script patterns for Kandji or Iru workflows.
$49.99
· or 250 creditsSecure checkout via Stripe
Included in download
- Validate console-user detection logic for Self Service scripts.
- Identify and redact accidental credential logging in MDM policies.
- terminal automation included
- Ready for Codex CLI
Sample input
Review my Jamf policy script for user context errors and security issues before I deploy it. Here is the code using whoami and a hardcoded bearer token for the API.
Sample output
Verdict: CAUTION Issue: Script uses 'whoami' which returns 'root' in Jamf policies, breaking user-path logic. Fix: Use stat -f %Su /dev/console to capture the current GUI user. Security: Flagged hardcoded API bearer token; replacing with a recommended token-rotation logic block.
Review Jamf and Kandji scripts for safer user context, prompts, logging, and rollout readiness.
$49.99
· or 250 creditsSecure checkout via Stripe
Included in download
- Validate console-user detection logic for Self Service scripts.
- Identify and redact accidental credential logging in MDM policies.
- terminal automation included
- Ready for Codex CLI
- Instant install
Sample input
Review my Jamf policy script for user context errors and security issues before I deploy it. Here is the code using whoami and a hardcoded bearer token for the API.
Sample output
Verdict: CAUTION Issue: Script uses 'whoami' which returns 'root' in Jamf policies, breaking user-path logic. Fix: Use stat -f %Su /dev/console to capture the current GUI user. Security: Flagged hardcoded API bearer token; replacing with a recommended token-rotation logic block.
Screenshots
About This Skill
Defensive script review for Mac admins
Jamf Script Safety Reviewer reviews Jamf Pro, Self Service, Kandji, and Iru scripts before production rollout. It focuses on user context, prompt behavior, logging hygiene, shell robustness, and staged deployment planning.
What it checks
- Console-user detection and root-versus-user assumptions.
- Prompt patterns that may expose sensitive input in logs, files, or process listings.
- Jamf API token handling from redacted examples.
- Quoting, PATH assumptions, temp files, cleanup, and rollback readiness.
- Kandji and Iru adaptation notes for migrated workflows.
Boundaries
This is a defensive admin-review skill. Use redacted or synthetic examples. It does not collect, validate, store, transmit, or request live passwords, tokens, recovery keys, or private tenant values.
Output
You get a ready, caution, or hold verdict, specific findings, safer replacement patterns, test steps, and rollout notes.
Use Cases
- Validate console-user detection logic for Self Service scripts.
- Identify and redact accidental credential logging in MDM policies.
- Translate Jamf-specific script patterns for Kandji or Iru workflows.
- Generate rollback procedures and staged-deployment validation steps.
- Audit shell robustness for improper PATH assumptions and quoting errors.
Known Limitations
- Cannot execute or live-test scripts.
- Reviews redacted/synthetic code only; no live credential validation.
- Does not interface directly with MDM APIs or tenant environments.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/jamf-script-safety-reviewer -o /tmp/jamf-script-safety-reviewer.zip && unzip -o /tmp/jamf-script-safety-reviewer.zip -d ~/.claude/skills && rm /tmp/jamf-script-safety-reviewer.zipFree skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Early access skill
Be the first to review this skill.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
No runtime dependencies. Works with SKILL.md-compatible agents including Claude Code, Codex CLI, Cursor, VS Code Copilot, Gemini CLI, and OpenClaw. Use redacted scripts or synthetic examples; do not paste live passwords, tokens, recovery keys, tenant URLs, or private customer data.
Creator
LB designs and builds autonomous AI systems optimized for local deployment. Specializing in distributed inference fleets, multi-model orchestration, and agent-native tooling, everything runs on your hardware, zero API fees.
Frequently Asked Questions
Learn More About AI Agent Skills
More Premium Skills
Bounty Security Pattern Master Library — 399 Vulnerability Patterns
A premium library of 399 vulnerability patterns and DeFi attack vectors for AI-driven bug hunting and security audits.
Multi-Agent Orchestration Master Library
Transform Claude Code into a coordinated multi-agent system. Battle-tested tmux orchestration patterns, YAML task queues, event-driven communication, and parallel worker management for 8+ agents.
PII & Data-Leak Scanner
Scan your schemas, seed data, config, and logs for personal data before it leaks. Detects PII-indicating column and key names (email, ssn, phone, address) across SQL, CSV, and JSON, plus PII in the data itself: email addresses, SSN-like numbers, credit-card-like numbers, phone numbers, and PII written into log files. Each finding is flagged with its location and a GDPR-style review note. Heuristic by design: it surfaces what to review, not a compliance guarantee.
designing-hybrid-context-layers
Architects the right retrieval strategy for every query — teaching your agent when to use RAG, a knowledge graph, or a temporal index instead of defaulting to vector search for everything.