IGF (Grapefruit) CLI

Trust Score 85/100

CLI skill to control the IGF (Grapefruit) dynamic instrumentation server for mobile security testing: enumerate Frida devices, inspect apps, run hooks, access f

triggers:fridadevice listigf devicehook logsdump memorysslpinningclass inspectagent fs

GitHub SKILL.md

What it does

The IGF (Grapefruit) CLI skill lets an agent control a running IGF dynamic instrumentation server (default http://localhost:31337) to perform mobile app security analysis. It exposes REST and Socket.IO RPC operations to enumerate Frida devices, list and inspect apps/processes, query hook and network/history logs, manage files on device, dump memory, and run introspection (class lists, symbols, sqlite). Typical workflows include triaging running processes, extracting logs, running hooks and pins (sslpinning, crypto), and gathering artifacts for vulnerability analysis.

When to use it

Use this skill when interacting with a local or remote IGF/Grapefruit server during mobile security testing: to list connected Frida devices, attach to an app, run hooks, inspect classes or modules, read logs, retrieve files, or perform binary/security checks. It's intended for security testers, reverse engineers, and developers needing deep runtime inspection.

What's included

Scripts: none detected in the skill folder (has_scripts=false)
References: none detected
Instructions: The SKILL.md documents CLI commands and session requirements (device id, platform, bundle/pid). It details commands for device/app management, logfile queries, history types (HTTP/NSURL/JNI), agent commands (fs, class, classdump, hook, pin, symbol, memory), platform-specific commands for Android/iOS, and example invocations.

Compatible agents

Likely used by CLI-capable agents and code-oriented assistants (Copilot-style or GPT/Codex integrations) that can invoke shell commands or format JSON summaries of results.

Audit Summary

IGF (Grapefruit) is a CLI skill for controlling a dynamic instrumentation server used in mobile security testing via Frida. The SKILL.md is comprehensive — well-structured command reference covering device management, hooking, memory inspection, class dumping, and platform-specific features for Android/iOS. No bundled scripts; the skill instructs the agent to call the `igf` CLI directly. No security issues found: no credential leakage, no destructive unguarded commands, no data exfiltration. The eval command carries inherent risk but is documented as a feature. Niche audience — mobile security researchers and reverse engineers.

Watch Out

Requires a running IGF/Grapefruit server and Frida setup on target device
Agent eval command allows arbitrary code execution on target — use with caution
No bundled scripts means the skill relies entirely on the igf CLI being installed

Notes

Well-documented CLI reference skill. The `igf agent eval` and `igf agent memory dump` commands are powerful but expected for a security testing tool. No exfiltration or self-updating mechanisms. The skill is purely a command reference — no scripts, no network calls, no hidden behavior. Usefulness is moderate due to niche audience (mobile security testers).

Information

Repository: grapefruit
Stars: 1,316

Trust Score

Overall85

Security88

Code Quality82

Architecture80

Usefulness55

More from grapefruit

MASTG Mobile Security Audit

Automated, checklist-driven mobile security audit aligned to OWASP MASTG v2 for iOS and Android; exports structured markdown findings and remediation guidance.

Related Skills

Readwise Reader Document Management

Manage Readwise Reader documents: list, save, search, move, tag, highlight, export and bulk-edit via official and custom CLIs.

ezBookkeeping API Tools

Command-line API tools for ezBookkeeping: record and query transactions, retrieve accounts/categories/tags, and fetch exchange rates for self-hosted personal fi

Tmux Bridge

Give an agent controlled access to a local tmux terminal bridge so it can run shell commands, capture output, and manage sessions on the user's machine.

SourceSage CLI

Generate concise, LLM-friendly repository summaries (Markdown) using the SourceSage CLI — supports lite mode, language switching, and targeted repo analysis.

Nit (Nitter CLI)

Terminal client to browse tweets, view profiles, and search posts via Nitter instances without opening a browser.

hn — Hacker News CLI

Terminal-based Hacker News client with a CLI and optional interactive TUI for browsing top/new/best/ask/show/jobs stories, viewing threads with nested comments,

Lokalise Migration — Deep Dive

Step-by-step migration guide and tooling for moving translations from Crowdin/Phrase/POEditor into Lokalise, including transforms, uploads and validation.

Vercel Common Errors

Diagnose and fix common Vercel build, serverless runtime, and edge/routing errors with step-by-step checks and fixes.

Back to Skills