This is a systematic security auditor for Apple platform apps. It greps your codebase for common vulnerabilities like plaintext credentials, disabled SSL validation, and hardcoded secrets, then works through secure storage, biometric auth, network security, and platform-specific patterns. You get a structured report with severity ratings (critical through low) and side-by-side vulnerable versus secure code. The quick checks alone are worth it: automated searches for things like passwords in UserDefaults or secrets in print statements. It won't catch everything a manual pentest would, but it's a solid first pass that follows OWASP categories and Apple's security docs. Best used before submitting to the App Store or after adding any authentication flow.
npx skills add https://github.com/rshankras/claude-code-apple-skills --skill security
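
The kind of quick check described above, sketched as an added example that is not the skill's own code: the rule names, regexes and severity assignments are assumptions, and the Swift sample is constructed.

```python
import re

# Hypothetical rules (id, severity, regex). The patterns and severities are
# assumptions for this example, not the skill's actual searches.
RULES = [
    ("userdefaults-credential", "critical", re.compile(
        r'UserDefaults\b.*\bset\(.*forKey:\s*"[^"]*(password|token|secret)[^"]*"', re.I)),
    # Heuristic: trust accepted in a challenge handler; confirm manually that
    # no SecTrust evaluation or pinning check precedes it.
    ("ssl-validation-disabled", "critical", re.compile(
        r'\.useCredential\s*,\s*URLCredential\(trust:')),
    ("hardcoded-secret", "high", re.compile(
        r'\b(let|var)\s+\w*(apiKey|secret|password|token)\w*\s*(:\s*String\s*)?=\s*"[^"]{8,}"', re.I)),
    ("secret-in-print", "medium", re.compile(
        r'\b(print|NSLog|debugPrint)\(.*(password|token|secret|apiKey)', re.I)),
]
SEVERITIES = ["critical", "high", "medium", "low"]

# Constructed Swift input; the key value is a placeholder, not a real secret.
SAMPLE = r'''let apiKey = "CONSTRUCTED-KEY-0000"
func save(password: String) {
    UserDefaults.standard.set(password, forKey: "userPassword")
    print("saved password: \(password)")
}
func urlSession(_ s: URLSession, didReceive c: URLAuthenticationChallenge,
    completionHandler done: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
    done(.useCredential, URLCredential(trust: c.protectionSpace.serverTrust!))
}'''

def scan(source, filename="Sample.swift"):
    """Return (severity, rule_id, location) tuples, most severe first."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        if line.lstrip().startswith("//"):   # skip comment-only lines
            continue
        for rule_id, severity, pattern in RULES:
            if pattern.search(line):
                findings.append((severity, rule_id, f"{filename}:{lineno}"))
    # sorted() is stable, so findings of equal severity stay in file order.
    return sorted(findings, key=lambda f: SEVERITIES.index(f[0]))

if __name__ == "__main__":
    for severity, rule_id, location in scan(SAMPLE):
        print(f"{severity.upper():8} {rule_id:24} {location}")
```

Line-based regexes like these only surface candidates for review; a credential assembled across several lines or passed through a wrapper function will not match.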