IGF (Grapefruit) CLI

What it does

The IGF (Grapefruit) CLI skill lets an agent control a running IGF dynamic instrumentation server (default http://localhost:31337) to perform mobile app security analysis. It exposes REST and Socket.IO RPC operations to enumerate Frida devices, list and inspect apps/processes, query hook and network/history logs, manage files on device, dump memory, and run introspection (class lists, symbols, sqlite). Typical workflows include triaging running processes, extracting logs, running hooks and pins (sslpinning, crypto), and gathering artifacts for vulnerability analysis.

When to use it

Use this skill when interacting with a local or remote IGF/Grapefruit server during mobile security testing: to list connected Frida devices, attach to an app, run hooks, inspect classes or modules, read logs, retrieve files, or perform binary/security checks. It's intended for security testers, reverse engineers, and developers needing deep runtime inspection.

What's included

• Scripts: none detected in the skill folder (has_scripts=false)
• References: none detected
• Instructions: The SKILL.md documents CLI commands and session requirements (device id, platform, bundle/pid). It details commands for device/app management, logfile queries, history types (HTTP/NSURL/JNI), agent commands (fs, class, classdump, hook, pin, symbol, memory), platform-specific commands for Android/iOS, and example invocations.

Compatible agents

Likely used by CLI-capable agents and code-oriented assistants (Copilot-style or GPT/Codex integrations) that can invoke shell commands or format JSON summaries of results.