reverse-engineering-ios-app-with-frida
Fail
Audited by Snyk on Apr 10, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs runtime hooks and logging that capture and print sensitive values (tokens, encryption keys, keychain items, NSUserDefaults), which requires the agent to handle and output secrets verbatim, creating a high exfiltration risk.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 0.90). This skill contains explicit, actionable techniques and scripts to bypass security controls (SSL pinning, jailbreak/Frida detection), intercept cryptographic operations, and extract secrets (Keychain, tokens, encryption keys), which are high-risk capabilities that can be readily abused for credential theft and data exfiltration despite being presented for authorized testing.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.90). This skill explicitly guides the agent to obtain root access on a target device (ssh root@...), install and run Frida server/Gadget, decrypt FairPlay binaries, hook and alter runtime behavior, and evade anti-tampering/anti-Frida protections—i.e., it instructs bypassing security mechanisms and modifying the target machine's state.
Issues (3)
- W007 (HIGH): Insecure credential handling detected in skill instructions.
- E006 (CRITICAL): Malicious code pattern detected in skill scripts.
- W013 (MEDIUM): Attempt to modify system services in skill instructions.
Audit Metadata