explaingit

kofiloski/app-store-review-risk

Analysis updated 2026-05-18

0PythonAudience · developerComplexity · 2/5Setup · easy

TLDR

A scanner and AI agent skill that checks an Apple app's code, config, and privacy setup for common App Store rejection risks before you submit.

Mindmap

mindmap
  root((app-store-review-risk))
    What it does
      Scans for rejection risks
      Flags privacy gaps
      Checks StoreKit usage
    Tech stack
      Python
      CLI tool
      Codex skill
    Use cases
      Preflight submission
      Review a pull request
      CI risk gate
    Audience
      iOS developers
      Release engineers

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Scan an iOS or macOS app repo for App Store rejection risks before submitting.

USE CASE 2

Check a pull request diff for new App Review risks without re-flagging old ones.

USE CASE 3

Audit PrivacyInfo.xcprivacy, entitlements, and StoreKit code before release.

USE CASE 4

Fail a CI pipeline automatically when high severity risks are found.

What is it built with?

PythonCLIpipxpip

How does it compare?

kofiloski/app-store-review-risk0xhassaan/nn-from-scratch3ks/embedoc
Stars00
LanguagePythonPythonPython
Last pushed2023-06-08
MaintenanceDormant
Setup difficultyeasymoderatehard
Complexity2/54/51/5
Audiencedeveloperdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · easy Time to first run · 5min

Install with pip or pipx, then point the CLI at an existing Apple app project directory.

No license information is provided in the README.

In plain English

app-store-review-risk is a scanner and AI agent skill that checks an Apple app project for things that commonly cause App Store rejections before you actually submit it. The goal is to catch problems in advance instead of finding out after a rejection, which can cost days of back and forth with Apple's review team. The scanner works across iOS, iPadOS, macOS, Mac Catalyst, watchOS, tvOS, and visionOS projects. It looks through configuration files like Info.plist and entitlements, the PrivacyInfo.xcprivacy file that describes what data an app collects, StoreKit code for in-app purchases and subscriptions, permission requests, tracking, Sign in with Apple setup, account deletion flows, and any user-generated content handling. It also flags missing pieces that App Store Connect submissions often need, such as screenshots, reviewer notes, privacy answers, a support URL, or demo login credentials for reviewers to test with. You run it from the command line against a project folder, and it can print results as a short summary, a compact JSON object, a full JSON object for automated pipelines, or a Markdown report for humans to read. There is a diff mode that only reports risks introduced by recent code changes, comparing against a Git branch, tag, or commit, so a team can check a pull request without being reminded of every pre-existing issue again. A command line flag lets a continuous integration pipeline fail a check when high severity findings turn up. Beyond the command line tool, the project is also packaged so AI coding agents such as Codex can call it directly as a skill during a release or review workflow. The scanner is built on pattern matching, so it can produce false positives or miss things hidden behind runtime configuration, and the project is clear that its findings are leads to investigate, not official rulings. Apple's own review guidelines remain the final word. The tool is written in Python and can be installed with pip or pipx.

Copy-paste prompts

Prompt 1
Run app-store-review-risk against my iOS app repo and summarize the top risks.
Prompt 2
Use app-store-review-risk in diff mode to check this pull request against origin/main.
Prompt 3
Explain what app-store-review-risk found in my PrivacyInfo.xcprivacy and entitlements files.
Prompt 4
Set up app-store-review-risk in CI to fail the build on high severity findings.

Frequently asked questions

What is app-store-review-risk?

A scanner and AI agent skill that checks an Apple app's code, config, and privacy setup for common App Store rejection risks before you submit.

What language is app-store-review-risk written in?

Mainly Python. The stack also includes Python, CLI, pipx.

What license does app-store-review-risk use?

No license information is provided in the README.

How hard is app-store-review-risk to set up?

Setup difficulty is rated easy, with roughly 5min to a first successful run.

Who is app-store-review-risk for?

Mainly developer.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.