By default Windows 11 will not run an untrusted .exe/PE file - it's governed by Microsoft Defender SmartScreen that will present a pop-up scaring people away and it actually isn't intuitive to click-through to run the program unless you've done it before.

I think that's the most important part in the whole article.

This is a Claude Code tool for developers. I'd assume that any potential user for this tool should be perfectly able to run that xattr command (and if they are not, they probably shouldn't be playing around with Claude Code either... yup, some additional "gatekeeping" from my side here).

You could probably even make some curl -sL https://github.com/myrepo/installme.sh | bash script for these users which takes care of the xattr command.

Your typical macOS enduser does not use command line tools. Or they use something like Homebrew.

Btw the proper way to distribute binary would probably be pkg installer.

You can configure it in a way that it won't allow you to run it at all, but out of the box, you will receive a message which forces you through three clicks. Enough to scare off people with no deep knowledge.

And yes, you can turn all of that off.

The main difference is that on Linux you can do it on gui. It's much easier to explain and convice the user to click "allow executing file as program" checkbox than a xatttr obscure cli command.