ios-security

Installation
SKILL.md

iOS Security

Priority: P0 (CRITICAL)

Implementation Workflow

  1. Store secrets in secure storage — Use SecItemAdd, SecItemUpdate, and SecItemDelete with kSecClassGenericPassword for tokens/PII. Never use UserDefaults.
  2. Add biometric auth — Use LocalAuthentication with LAContext. Verify availability with canEvaluatePolicy before prompting.
  3. Encrypt files — Use Data.WritingOptions.completeFileProtection when saving to disk.
  4. Keep ATS enabled — Never disable App Transport Security globally in the iOS Info configuration.
  5. Pin certificates — Use ServerTrustManager or TrustKit for production apps to prevent MITM attacks.
  6. Strip sensitive logs — Ensure PII and tokens removed from logs in Release builds.

See Secure storage and biometrics implementation examples

Anti-Patterns

  • No Secrets in UserDefaults: Always use secure storage for tokens and PII
  • No Unhandled LAError: Check for userCancel and authenticationFailed in biometric flows
  • No PII/Token Logging: Strip sensitive data from all logs in Release builds
Installs
1
GitHub Stars
521
First Seen
Jun 2, 2026
ios-security — hoangnguyen0403/agent-skills-standard