Flutter Security

Audit and harden Flutter app security. Coverage: OWASP Mobile Top 10, secrets detection, secure storage, network security, binary protection, and privacy controls.

Workflow

1. Run secrets detection scan (Phase 1 — highest severity, must be clean before continuing).
2. Audit token and data storage.
3. Review network security configuration.
4. Check permissions (AndroidManifest + Info.plist).
5. Verify authentication and authorization flows.
6. Review binary protection settings.
7. Write docs/quality/security_review.md with findings by severity.

Phase 1: Secrets Detection