axiom-app-attest
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides security-focused guidance for implementing Apple's App Attest and DeviceCheck services.- [SAFE]: Code snippets use official iOS DeviceCheck frameworks and demonstrate standard implementation patterns for key generation and attestation.- [SAFE]: External network operations are restricted to official Apple API domains (devicecheck.apple.com, appattest.apple.com) for integrity verification and risk metrics.- [SAFE]: The documentation correctly emphasizes that security validation must occur server-side rather than on-device to prevent bypass by tampered applications.
Audit Metadata