authentication
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill adheres to iOS security guidelines and best practices for authentication.
- [SAFE]: Code snippets correctly demonstrate the use of the AuthenticationServices framework, avoiding insecure alternatives like WKWebView for OAuth flows.
- [SAFE]: Data storage patterns are secure, explicitly directing the use of the iOS Keychain with restrictive accessibility attributes (e.g., kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly) instead of insecure storage in UserDefaults.
- [SAFE]: The documentation provides critical security advice, such as caching user details only on first authentication and performing biometric checks with Face ID/Touch ID using LocalAuthentication.
Audit Metadata