> Then click to allow when the system dialog asks if the sample app can control TextEdit via Apple Events.
The author argues,
> This should appear very innocuous to the user, because nobody thinks that TextEdit is dangerous, so one would think it's not much of a risk to allow TextEdit to be controlled.
> However, when an app such as TextEdit with the "com.apple.security.files.user-selected.executable" entitlement saves a file, it removes the quarantine extended attribute!
> Then click to allow when the system dialog asks if the sample app can control TextEdit via Apple Events.
The author argues,
> This should appear very innocuous to the user, because nobody thinks that TextEdit is dangerous, so one would think it's not much of a risk to allow TextEdit to be controlled.
This is what the dialog looks like: https://imgur.com/a/HRXDG0x
The smaller text is where the app developer provides an explanation for why they are requesting the permission.