
App Store Review
Scan iOS, macOS, tvOS, watchOS, and visionOS app code for App Store Guideline violations before you submit.
Overview
App Store Review is an agent skill for the Ship phase that checks Apple-platform app code against App Store Review Guidelines before submission.
Install
npx skills add https://github.com/safaiyeh/app-store-review-skill --skill app-store-review
What is this skill?
- Maps reviews to full App Store Review Guidelines sections including Safety, Performance, Business, Design, and Legal rul
- Supports Swift, Objective-C, React Native, and Expo codebases in one compliance pass
- Triggers on submission prep, compliance audits, payments, user data, UGC, and Kids Category risk areas
- Uses per-section rule files (e.g. 1-safety, 2-performance) for checklists and code-oriented examples
- Positions the skill as pre-flight rejection prevention before App Store Connect upload
- Guideline coverage organized into major sections including Safety and Performance with dedicated rules/*.md files
- Supports four stack labels: Swift, Objective-C, React Native, and Expo
- Packaged as app-store-review skill version 1.0.0 per SKILL.md metadata
Adoption & trust: 641 installs on skills.sh; 144 GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You are close to App Store submission but are unsure whether payments, UGC, privacy, or completeness issues will trigger an Apple rejection.
Who is it for?
Indie iOS or Expo builders doing a structured pre-submission audit with an agent that can read project code and guideline rule files.
Skip if: Android-only or Play Store projects, web SaaS with no Apple binary, or teams that need formal legal/regulatory sign-off instead of guideline-oriented code review.
When should I use this skill?
Reviewing iOS, macOS, tvOS, watchOS, or visionOS code for App Store rejection risks, submission readiness, or compliance with Apple App Store Review Guidelines.
What do I get? / Deliverables
After the skill runs, you get a guideline-aligned compliance review with section-specific risks flagged so you can fix code and product behavior before upload.
- Section-by-section compliance findings tied to guideline rule files
- Prioritized list of likely rejection themes (payments, UGC, privacy, completeness)
- Remediation-oriented notes aligned to pre-submission fix windows
Journey fit
Pre-submission compliance review belongs in Ship when you are clearing launch gates and avoiding Apple rejection loops. Launch subphase covers submission readiness, guideline checks, and release packaging—not day-one feature coding.
How it compares
Use this guideline checker skill instead of generic mobile linting that does not map findings to App Store Review section rejections.
Common Questions / FAQ
Who is app-store-review for?
It is for solo and small-team Apple-platform developers using Swift, Objective-C, React Native, or Expo who want agent-assisted compliance before App Store Connect submission.
When should I use app-store-review?
Use it in Ship launch prep when preparing submission, reviewing new payment or data features, auditing UGC moderation, or checking Kids Category and safety rules—not when you are still ideating unrelated web products.
Is app-store-review safe to install?
Check the Security Audits panel on this Prism page; the skill reads your codebase for review and you should verify the repo source and license (MIT) before broad agent access.
SKILL.md
# App Store Review Guidelines Checker

Comprehensive guide for evaluating iOS, macOS, tvOS, watchOS, and visionOS app code against Apple's App Store Review Guidelines. This skill covers EVERY guideline point to identify potential rejection issues before submission.

**Supports:** Swift, Objective-C, React Native, and Expo apps

## When to Apply

Use this skill when:

- Preparing an app for App Store submission
- Reviewing code for compliance issues
- Implementing features that may trigger review concerns
- Auditing existing apps for guideline violations
- Building features involving payments, user data, or sensitive content

## Guideline Sections

Read individual rule files for detailed explanations, checklists, and code examples:

| Section | File | Key Topics |
|---------|------|------------|
| **1. Safety** | [rules/1-safety.md](rules/1-safety.md) | Objectionable content, UGC moderation, Kids Category, physical harm, data security |
| **2. Performance** | [rules/2-performance.md](rules/2-performance.md) | App completeness, metadata accuracy, hardware compatibility, software requirements |
| **3. Business** | [rules/3-business.md](rules/3-business.md) | In-app purchase, subscriptions, cryptocurrencies, other business models |
| **4. Design** | [rules/4-design.md](rules/4-design.md) | Copycats, minimum functionality, spam, extensions, Apple services, login |
| **5. Legal** | [rules/5-legal.md](rules/5-legal.md) | Privacy, data collection, intellectual property, gambling, VPN, MDM |

## Risk Levels by Category

| Risk Level | Category | Section | Common Rejection Reasons |
|------------|----------|---------|--------------------------|
| CRITICAL | Privacy & Data | 5.1 | Missing privacy policy, unauthorized data collection |
| CRITICAL | Payments | 3.1 | Bypassing in-app purchase, unclear pricing |
| HIGH | Safety | 1.x | Objectionable content, inadequate UGC moderation |
| HIGH | Performance | 2.x | Crashes, incomplete features, deprecated APIs |
| MEDIUM | Design | 4.x | Copycat apps, minimum functionality issues |
| MEDIUM | Legal | 5.x | IP violations, gambling without license |

---

## Quick Reference: High-Risk Rejection Patterns

### Critical Issues (Immediate Rejection)

**Swift:**

```swift
// 🔴 Private API usage
let selector = NSSelectorFromString("_privateMethod")

// 🔴 Hardcoded secrets
let apiKey = "sk_live_xxxxx"

// 🔴 External payment for digital goods
func purchaseDigitalContent() {
    openStripeCheckout() // Use StoreKit instead
}
```

**React Native / Expo:**

```typescript
// 🔴 Hardcoded secrets in JS bundle
const API_KEY = 'sk_live_xxxxx'; // REJECTION

// 🔴 External payment for digital goods
Linking.openURL('https://stripe.com/checkout'); // Use react-native-iap

// 🔴 Dynamic code execution
eval(downloadedCode); // REJECTION

// 🔴 Major feature changes via CodePush/expo-updates
// OTA updates for bug fixes only, not new features!
```

### High-Risk Issues

**Swift:**

```swift
// 🟡 Missing ATT when using ad SDKs
import FacebookAds // Without ATTrackingManager

// 🟡 Account creation without deletion
func createAccount() { } // But no deleteAccount()
```

**React Native / Expo:**

```typescript
// 🟡 Missing ATT (use expo-tracking-transparency)
import analytics from '@react-native-firebase/analytics';
analytics().logEvent('event'); // Without ATT prompt = REJECTION

// 🟡 Account deletion via website only
Linking.openURL('https://example.com/delete'); // Must be in-app!

// 🟡 Social login without Sign in with Apple
<GoogleSigninButton /> // Must a
```
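
An added example (not part of the skill or its rule files): a minimal pre-flight scanner for the Critical and High-Risk patterns in the quick reference above. The rule ids, regexes, and sample project are constructed for illustration; comments are stripped before matching so that advice text such as `// But no deleteAccount()` neither triggers nor suppresses a finding.

```typescript
// Added example: pre-flight scan for the quick-reference patterns above.
// Rule ids, regexes and SAMPLE are constructed; they are not the skill's rules.
type Risk = "CRITICAL" | "HIGH";
type Finding = { file: string; line: number; id: string; risk: Risk };
type SourceFile = { name: string; text: string };

// Per-line patterns from the "Critical Issues" list.
const LINE_RULES = [
  { id: "private-selector", re: /NSSelectorFromString\(\s*"_/ },
  { id: "hardcoded-secret", re: /["']sk_live_[A-Za-z0-9_]+["']/ },
  { id: "dynamic-eval", re: /\beval\s*\(/ },
  { id: "external-checkout", re: /openURL\(\s*["']https?:\/\/[^"']*checkout/ },
];
// "X without Y" patterns from the "High-Risk Issues" list, checked project-wide.
const PAIR_RULES = [
  { id: "tracking-without-att",
    needs: /FacebookAds|@react-native-firebase\/analytics/,
    unless: /ATTrackingManager|expo-tracking-transparency/ },
  { id: "account-without-deletion", needs: /createAccount/, unless: /deleteAccount/ },
];

// Drop // comments so advice text is not matched; "://" inside URLs is kept.
function stripComment(s: string): string {
  return s.replace(/(^|[^:])\/\/.*$/, "$1");
}

function scan(files: SourceFile[]): Finding[] {
  const out: Finding[] = [];
  const code = files.map((f) => f.text.split("\n").map(stripComment));
  code.forEach((lines, k) => lines.forEach((l, i) => {
    for (const r of LINE_RULES)
      if (r.re.test(l)) out.push({ file: files[k].name, line: i + 1, id: r.id, risk: "CRITICAL" });
  }));
  const all = code.map((lines) => lines.join("\n")).join("\n");
  for (const r of PAIR_RULES) {
    if (r.unless.test(all)) continue; // counterpart exists somewhere in the project
    code.forEach((lines, k) => lines.forEach((l, i) => {
      if (r.needs.test(l)) out.push({ file: files[k].name, line: i + 1, id: r.id, risk: "HIGH" });
    }));
  }
  return out;
}

const SAMPLE: SourceFile[] = [
  { name: "Pay.tsx", text: "const API_KEY = 'sk_live_xxxxx';\n" +
      "Linking.openURL('https://stripe.com/checkout');\n// never call eval(code)" },
  { name: "Auth.swift", text: "import FacebookAds\nATTrackingManager.requestTrackingAuthorization { _ in }\n" +
      "func createAccount() { } // But no deleteAccount()\n" +
      'let selector = NSSelectorFromString("_privateMethod")' },
];
console.log(scan(SAMPLE));
```

Regex matching is a coarse first pass: it cannot tell whether the ATT prompt actually runs before tracking starts, so its output complements the section-by-section review rather than replacing it.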