This is a comprehensive reference system for iOS and macOS security work, built around a three-branch decision tree: review existing code against checklists, migrate legacy patterns to modern APIs, or implement from scratch using verified patterns. It covers Keychain Services, biometric auth, CryptoKit, Secure Enclave, and certificate pinning with direct citations to Apple documentation, Quinn's DTS posts, WWDC sessions, and OWASP MASTG. The philosophy is explicitly non-opinionated but correctness-focused, meaning it won't argue architecture with you but will tell you exactly which OSStatus codes you're ignoring and why your UserDefaults token storage is a critical finding. Targets iOS 13+ with forward-looking guidance through post-quantum iOS 26. Useful if you're doing security audits, migrating secrets out of plists, or need to justify decisions to compliance teams.
npx skills add https://github.com/ivan-magda/swift-security-skill --skill swift-security-expert