AI review agents for iOS, iPadOS, and macOS developers.
Zag runs AI agents in real Apple developer environments - Apple Silicon, Xcode, simulators, and your complete toolchain.
Zag runs AI agents in real Apple developer environments - Apple Silicon, Xcode, simulators, and your complete toolchain. Describe agents in TypeScript or Swift that do code review, QA, security, or App Store compliance, and run them on every PR.
import Zaglet qaAgent = defineTask( on: .presubmit, given: env, then: { session in try await session.build() try await session.install() try await session.launch(.iPhone17) try await session.codexWithSimulator( device: .iPhone17, prompt: """ You are a QA engineer. The app is running in the simulator. 1. Navigate through the payment flow 2. Check every screen for layout issues 3. Test with Dynamic Type at XXL 4. Screenshot any issues you find Report each issue with the file, line, and a screenshot. """ ) })
zag · PR #47 · 2 agents running
qaAgent● session.build() -succeeded (14.2s)● session.install() -installed to simulator● session.launch(.iPhone17) -launched● session.codexWithSimulator() Running Codex with Xcode MCP... Navigating to payment flow... Screenshot: payment_confirmation.png ⚠ Button clipped on iPhone SE ✓ No overlapping views ✓ Dynamic Type scales correctly Posting review with 1 screenshot
securityAudit● session.build() -succeeded● session.codex() Scanning Keychain usage... ✓ kSecAttrAccessible set correctly Scanning network layer... ⚠ HTTP endpoint in Config.plist ✓ Certificate pinning enabled Scanning secrets... ✓ No hardcoded API keys Posting review with 1 warning
zag · PR #47 · 2 agents
qaAgent● session.build() -succeeded (14.2s)● session.install() -installed to simulator● session.launch(.iPhone17) -launched● session.codexWithSimulator() Running Codex with Xcode MCP... Navigating to payment flow... Screenshot: payment_confirmation.png ⚠ Button clipped on iPhone SE ✓ No overlapping views ✓ Dynamic Type scales correctly Posting review with 1 screenshot
securityAudit● session.build() -succeeded● session.codex() Scanning Keychain usage... ✓ kSecAttrAccessible set correctly Scanning network layer... ⚠ HTTP endpoint in Config.plist ✓ Certificate pinning enabled Scanning secrets... ✓ No hardcoded API keys Posting review with 1 warning
9:41●●● ᯤ ■
‹ PRsEdit
PR #47Add payment flow · 3m ago
AGENTS
⚠
QA Check1 issue · 14.2s
›
⚠
Security Audit1 warning · 8.7s
›
✓
Code ReviewNo issues · 18.4s
›
✓
App StoreCompliant · 6.7s
›
Agents
Describe agents for your project.
Write agents in TypeScript or Swift that review your code, test your UI, audit your security, or check App Store compliance. Each one runs in a real macOS sandbox, building and running your app.
QA AgentBuilds your app, launches it on every device size, and navigates your key flows. Catches layout issues, clipped text, and broken navigation before your users do.
zag[bot] · PR #47 · qaAgentQA Check — 2 issues found⚠ PaymentView.swift:47 Button clipped on iPhone SE⚠ OnboardingView.swift:12 Text truncated at Dynamic Type XXL✓ 14 other flows passed
App StoreChecks your app against Apple's review guidelines before you submit. Catches the things that get your app rejected and cost you a week.
zag[bot] · appStoreComplianceApp Store — 1 issue found⚠ Info.plist Missing NSCameraUsageDescription✓ Privacy manifests present✓ No deprecated APIs✓ Min deployment target met
Pen TestLaunches your app and actively tries to break it. Intercepts network traffic, probes authentication, and attempts to access protected data.
zag[bot] · penTestPen Test — 1 vulnerabilityCRITICAL: /api/user/profile Unencrypted request with auth token over HTTP. Replay attack successful.✓ Certificate pinning verified✓ No data leakage in bg snapshot
Code ReviewBuilds your project, resolves types, runs your tests, and reviews with full context. Not just reading the diff. Understanding your codebase.
zag[bot] · codeReviewCode Review — 3 comments💬 PaymentManager.swift:23 Closure captures self strongly. Creates a retain cycle. Use [weak self]💬 NetworkClient.swift:41 Force-unwrap will crash on 404.
CustomBuild any agent you can imagine. Describe it in TypeScript or Swift, give it an environment, and run it on every PR.
myAgent.swiftimport Zaglet myAgent = defineTask( on: .presubmit, given: env, then: { session in // Your agent here. })
ENVIRONMENT
Create environments with your entire stack.
Zag agents run in real macOS sandboxes with a local database, queue, server, and other services. Define what you need, and Zag environments boot in milliseconds with cached virtual silicon VMs.
env.ts
import { type Environment, simulator } from "@zag/sdk"export const env: Environment = { apps: ["xcode:16.2"], // full Xcode toolchain brew: ["postgresql@16", "redis"], // any Homebrew package memory: "16gb", // easily beef up your instances storage: "100gb", setup: async ($) => { // runs once, cached await simulator.create("iPhone 16", { os: "iOS 18.2" }) await simulator.create("iPad Pro 13", { os: "iPadOS 18.2" }) await $`createdb testdb` await $`xcodebuild -resolvePackageDependencies` }, secrets: ".env.encrypted", // injected at runtime}
Every Zag session is a live stream. Your coding agents subscribe, react, and spin up new agents on the fly. Install the GitHub App and they run on every PR.
01StreamsEvery Zag session produces a live stream. Claude Code and Codex subscribe to it, react in real time, and see what actually happened instead of a flaky test result.
10 sessions · running
✓ iPhone SE
✓ iPhone 16
⚠ iPhone 16 Max
✓ iPad mini
✓ iPad Pro
◌ iPhone 17
02EnvironmentsLet Claude Code create Zag sessions for a feature it's working on to QA test on 10 devices at once.
zag[bot]reviewed just now
✓QA Check passed
✓Security Audit passed
✓Code Review — no issues
03CollaborationInstall the Zag GitHub App. Every pull request triggers your agents automatically on real Apple Silicon.