explaingit

momenbuilds/app-launch-guard

11 | TypeScript | Audience · developer | Complexity · 2/5 | Active | License | Setup · easy

TLDR

Local CLI and GitHub Action that scans an iOS project for common App Store review tripwires like missing usage strings, privacy manifest gaps, and exposed secrets.

Mindmap

mindmap
  root((app-launch-guard))
    Inputs
      iOS source files
      Info.plist
      Privacy manifest
      Xcode project
    Outputs
      Terminal report
      Markdown report
      JSON report
      HTML dashboard
    Use Cases
      Pre-submission audit
      CI gate on PRs
      Privacy manifest check
    Tech Stack
      TypeScript
      Node
      GitHub Actions

Things people build with this

USE CASE 1

Catch missing Info.plist usage descriptions before App Store submission

USE CASE 2

Block PRs in CI when a privacy manifest is missing or invalid

USE CASE 3

Spot exposed secrets and analytics SDKs in an iOS codebase

USE CASE 4

Generate an HTML report of review risks for the team

Tech stack

TypeScript, Node, GitHub Actions

Getting it running

Difficulty · easy Time to first run · 5min

Needs Node and npm to install the CLI globally; no Apple credentials required.

MIT license, free to use, modify, and redistribute commercially with attribution.

In plain English

AppLaunchGuard is an open-source command-line tool and matching GitHub Action that scans an iOS project on disk and flags things that often trip up Apple App Store review. It does not call any Apple service, does not upload your code, does not send telemetry, and the README is explicit that it does not use AI in version 1. Everything runs locally.

The scanner reads source files, Info.plist, the PrivacyInfo.xcprivacy manifest, Xcode project files, fastlane metadata, app icons, and screenshots. From that it checks a list of common review traps: permission APIs used without a matching Info.plist usage description, missing or unparseable privacy manifests, AppTrackingTransparency code without NSUserTrackingUsageDescription (or the reverse), RevenueCat and StoreKit subscription configuration, presence of analytics, crash, ads, attribution, push, and paywall SDKs, missing app icon or iPad screenshots, exposed secrets (printed masked in the report), and review-sensitive wording around mental health, therapy, medical advice, and crisis topics.

The tool runs as a Node CLI installed with npm install -g app-launch-guard, then invoked as app-launch-guard scan followed by a path. Reports can be terminal text, Markdown for pull request comments, JSON for automation, or a self-contained HTML dashboard that can either be saved or served on a local port. By default the scan ignores AI assistant directories like .claude, .cursor, and .codex, plus node_modules, build outputs, and .git, to avoid false positives from transcripts and logs. The flags --include-docs and --include-all widen the scan.

In CI, you wire it up by adding momenbuilds/app-launch-guard@v1 (or @main pre-release) to a workflow with inputs path, output, fail-on, no-color, include-docs, and include-all. The --fail-on switch chooses when the exit code is non-zero: none, critical, or warning.

The README is clear about scope. The tool does not guarantee App Store approval and is not a replacement for Apple's own guidelines or for the privacy answers required in App Store Connect. License is MIT.
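The cross-check described above (permission API use versus Info.plist usage descriptions, including the AppTrackingTransparency case), as an added TypeScript example that is not app-launch-guard's own code. The rule table, function names and sample inputs are constructed, and the reverse check is applied to every rule here, which goes beyond what the summary states.

```typescript
// Added illustration, not app-launch-guard's code. Rules and samples are constructed.
type Finding = { key: string; kind: "missing-usage-string" | "unused-usage-string" };

// Swift API marker -> Info.plist usage-description key it needs (assumed minimal table).
const RULES: { api: RegExp; key: string }[] = [
  { api: /\bATTrackingManager\b/, key: "NSUserTrackingUsageDescription" },
  { api: /\bCNContactStore\b/, key: "NSContactsUsageDescription" },
  { api: /\bCLLocationManager\b/, key: "NSLocationWhenInUseUsageDescription" },
];

// Collect <key>/<string> pairs from an XML Info.plist; empty values are kept as "".
function usageStrings(plistXml: string): Record<string, string> {
  const out: Record<string, string> = {};
  const re = /<key>([^<]+)<\/key>\s*<string>([^<]*)<\/string>/g;
  let m: RegExpExecArray | null;
  while ((m = re.exec(plistXml)) !== null) out[m[1]] = m[2].trim();
  return out;
}

// Drop block and line comments so commented-out API calls do not count as usage.
function stripComments(swift: string): string {
  return swift.replace(/\/\*[\s\S]*?\*\//g, "").replace(/\/\/.*$/gm, "");
}

// Compare APIs referenced in code against declared, non-empty usage descriptions.
function crossCheck(swiftSources: string[], plistXml: string): Finding[] {
  const code = swiftSources.map(stripComments).join("\n");
  const declared = usageStrings(plistXml);
  const findings: Finding[] = [];
  for (const rule of RULES) {
    const used = rule.api.test(code);
    const described = (declared[rule.key] || "").length > 0;
    if (used && !described) findings.push({ key: rule.key, kind: "missing-usage-string" });
    if (!used && described) findings.push({ key: rule.key, kind: "unused-usage-string" });
  }
  return findings;
}

// Constructed sample project: ATT is called but its description is empty,
// and a location description is declared while the only location call is commented out.
const SAMPLE_SWIFT = [
  "import AppTrackingTransparency\nATTrackingManager.requestTrackingAuthorization { _ in }",
  "// let m = CLLocationManager()\nlet store = CNContactStore()",
];
const SAMPLE_PLIST = `<plist version="1.0"><dict>
  <key>NSContactsUsageDescription</key><string>Find friends already using the app.</string>
  <key>NSUserTrackingUsageDescription</key><string></string>
  <key>NSLocationWhenInUseUsageDescription</key><string>Show nearby stores.</string>
</dict></plist>`;

console.log(crossCheck(SAMPLE_SWIFT, SAMPLE_PLIST));
```

An empty usage string is treated the same as a missing one, since a key with no text gives the reviewer and the user nothing to read.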

Copy-paste prompts

Prompt 1
Install app-launch-guard globally and run a scan against a sample iOS project, then explain each warning in the report
Prompt 2
Add a GitHub Action step using momenbuilds/app-launch-guard@v1 that fails the build on critical issues only
Prompt 3
Write a script that runs app-launch-guard with JSON output and posts a summary comment on the PR
Prompt 4
Configure app-launch-guard to also scan my docs folder for review-sensitive wording around medical topics

Generated 2026-05-22 · Model: sonnet-4-6 · Verify against the repo before relying on details.