macOS Unquarantine & Open Quick Action

If you’re tired of digging through System Settings → Privacy & Security → Open Anyway every time macOS blocks an unsigned app/file, this recreates a faster workflow using a Finder Quick Action.

This version includes:

• A confirmation dialog before bypassing Gatekeeper
• Automatic removal of the com.apple.quarantine attribute
• Automatic opening of the file afterward
• Logging of every action taken
• Optional keyboard shortcut support

What this does

When you right-click a file in Finder and run this Quick Action:

1. Prompts you with a confirmation dialog
2. Removes the quarantine flag
3. Opens the file
4. Writes a log entry to:

~/Library/Logs/UnquarantineAndOpen.log

Step 1: Create the Quick Action in Automator

1. Open Automator
2. Click New Document
3. Select Quick Action

4. Configure the workflow:

• Workflow receives current: files or folders
• In: Finder

Step 2: Add the shell script

Search for:

Run Shell Script

Drag it into the workflow.

Set:

• Shell: /bin/zsh
• Pass input: as arguments

Paste this script:

LOGFILE="$HOME/Library/Logs/UnquarantineAndOpen.log"

for file in "$@"
do
  filename=$(basename "$file")
  timestamp=$(date "+%Y-%m-%d %H:%M:%S")

  response=$(osascript <<EOF
display dialog "Unquarantine and open:\n\n$filename\n\nThis bypasses macOS security checks." buttons {"Cancel", "Proceed"} default button "Proceed" with icon caution
if button returned of result is "Proceed" then
  return "yes"
else
  return "no"
end if
EOF
)

  if [[ "$response" == "yes" ]]; then
    if xattr -dr com.apple.quarantine "$file"; then
      echo "$timestamp | UNQUARANTINED | $file" >> "$LOGFILE"

      if open "$file"; then
        echo "$timestamp | OPENED        | $file" >> "$LOGFILE"
      else
        echo "$timestamp | OPEN FAILED   | $file" >> "$LOGFILE"
      fi
    else
      echo "$timestamp | XATTR FAILED   | $file" >> "$LOGFILE"
    fi
  else
    echo "$timestamp | CANCELLED       | $file" >> "$LOGFILE"
  fi
done

Step 3: Save the Quick Action

Save it with a name like:

Unquarantine & Open

This makes it appear in Finder when you:

• Right-click a file
• Choose Quick Actions
• Select your workflow

Step 4: Add Quick Actions to Finder toolbar (optional)

For faster access:

1. Open Finder
2. Right-click the toolbar
3. Select Customize Toolbar
4. Drag Quick Actions into the toolbar

Now you can trigger it without opening the context menu.

Step 5: Create a keyboard shortcut

1. Open: System Settings → Keyboard → Keyboard Shortcuts
2. Select: App Shortcuts
3. Click the + button
4. Configure:
   • Application: Finder
   • Menu Title: Unquarantine & Open
   • Shortcut: choose your preferred shortcut

Example:

Control + Option + Command + O

⚠️ The menu title must match your Quick Action name exactly. (ie, Unquarantine & Open)

Step 6: View logs

Your logs are stored here:

~/Library/Logs/UnquarantineAndOpen.log

View them with:

cat ~/Library/Logs/UnquarantineAndOpen.log

Or watch them live:

tail -f ~/Library/Logs/UnquarantineAndOpen.log

Where Quick Actions are stored

Automator stores Quick Actions here:

~/Library/Services/

You can open that folder quickly in Finder with:

Command + Shift + G

Then paste:

~/Library/Services

Security note

This bypasses macOS Gatekeeper protections.

Only use it for files/apps you trust.

Do not use this on random downloads from sketchy corners of the internet. That’s how people end up starring in their own cybersecurity documentary.