performing-ios-app-security-assessment

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs dumping keychain items, raw keychain JSON output, memory searches for "Bearer"/passwords and inspecting token items as proof—actions that require reading and (likely) outputting secret values verbatim, creating exfiltration risk.