Skills
skills/peterbamuhigire/skills-web-dev/ios-rbac/Gen Agent Trust Hub

ios-rbac

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides instructional content and code templates focused on building secure iOS applications. It does not contain executable malicious scripts or commands.
  • [CREDENTIALS_SAFE]: The instructions explicitly warn against using insecure storage like UserDefaults for sensitive data, instead providing a KeychainHelper implementation using the system's kSecClassGenericPassword for encrypted-at-rest storage.
  • [DATA_PROTECTION]: The skill promotes a 'fail-secure' architecture, instructing developers to deny all access if permission status is unknown or if a fresh installation lacks cached data.
  • [ARCHITECTURE_INTEGRITY]: The guidance correctly identifies that client-side checks are for UI gating only and that the backend must always perform the final authorization, preventing common bypass vulnerabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 18, 2026, 01:39 AM