flutter-security

Installation
SKILL.md

Mobile Security

Priority: P0 (CRITICAL)

Implementation Workflow

  1. Store secrets securely — Use flutter_secure_storage for tokens/PII. Never use shared_preferences for sensitive data.
  2. Externalize secrets — Never store API keys in Dart code. Use --dart-define or .env files.
  3. Obfuscate releases — Build --obfuscate --split-debug-info=./symbols. Deterrent only — move sensitive logic to backend.
  4. Pin certificatesdio_certificate_pinning for high-security apps to prevent MITM.
  5. Root detectionflutter_jailbreak_detection for root/jailbreak checks in financial/sensitive apps.
  6. Mask PII — Redact PII (email, phone) from all logs and analytics.

Secure Storage & Release Build Examples

See implementation examples for secure storage usage and obfuscated release build commands.

Reference & Examples

Installs
4
GitHub Stars
521
First Seen
May 27, 2026
flutter-security — hoangnguyen0403/agent-skills-standard