ios-security
Installation
SKILL.md
iOS Security
Priority: P0 (CRITICAL)
Implementation Workflow
- Store secrets in secure storage — Use
SecItemAdd,SecItemUpdate, andSecItemDeletewithkSecClassGenericPasswordfor tokens/PII. Never useUserDefaults. - Add biometric auth — Use
LocalAuthenticationwithLAContext. Verify availability withcanEvaluatePolicybefore prompting. - Encrypt files — Use
Data.WritingOptions.completeFileProtectionwhen saving to disk. - Keep ATS enabled — Never disable App Transport Security globally in the iOS Info configuration.
- Pin certificates — Use
ServerTrustManagerorTrustKitfor production apps to prevent MITM attacks. - Strip sensitive logs — Ensure PII and tokens removed from logs in Release builds.
See Secure storage and biometrics implementation examples
Anti-Patterns
- No Secrets in
UserDefaults: Always use secure storage for tokens and PII - No Unhandled
LAError: Check foruserCancelandauthenticationFailedin biometric flows - No PII/Token Logging: Strip sensitive data from all logs in Release builds