Mobile Security Coder

Safe

Implement secure mobile applications with expert guidance

Mobile developers struggle with platform-specific security vulnerabilities and complex protection patterns. This skill provides battle-tested mobile security implementations for iOS, Android, and cross-platform applications.

Supports: Claude Codex Code(CC)
🥉 72 Bronze

1. Download the skill ZIP
2. Upload to Claude: go to Settings → Capabilities → Skills → Upload skill
3. Enable and start using

Try it out

Using "Mobile Security Coder". Configure secure WebView for loading third-party content

Expected result:

  • Enable HTTPS-only URL loading with domain allowlist validation
  • Disable JavaScript by default, enable only for trusted domains with specific feature restrictions
  • Implement Content Security Policy with strict script-src directive
  • Configure cookie isolation and prevent third-party cookie access
  • Disable file access and local storage for untrusted content
  • Set custom user agent to prevent fingerprinting and enforce security policies

Using "Mobile Security Coder". Implement secure credential storage for mobile app

Expected result:

  • Use iOS Keychain with kSecAttrAccessibleWhenUnlocked for biometric-protected secrets
  • Use Android Keystore with StrongBox or TEE-backed key generation
  • Derive encryption keys using PBKDF2 or Argon2 with device-specific salt
  • Exclude sensitive files from cloud backup with proper file protection flags
  • Clear sensitive data from memory after use with secure memory wiping
  • Implement key rotation and re-encryption for long-term stored credentials

Security audit

Safe
v1 • 2/25/2026

Prompt-only skill with no executable code. Static analysis found zero security issues (risk score 0/100). Content provides legitimate mobile security guidance aligned with OWASP MASVS standards. No code execution, network access, or filesystem operations present.

Files scanned: 0
Lines analyzed: 0
Findings: 0
Total audits: 1
No security issues
Audited by: claude

Quality score

Architecture: 38
Maintainability: 100
Content: 87
Community: 50
Security: 100
Spec compliance: 74

What you can build

Secure WebView Implementation

Configure WebView with URL allowlisting, JavaScript controls, Content Security Policy, and secure cookie handling to prevent injection attacks and data leakage

Biometric Authentication Setup

Implement Touch ID, Face ID, or fingerprint authentication with secure fallback mechanisms and biometric-protected credential storage

Cross-Platform Security Configuration

Apply security patterns for React Native bridge communication, Flutter platform channels, and Xamarin native interop with input validation

Try these prompts

Basic WebView Security
Help me configure a secure WebView for my iOS application. I need to load only trusted HTTPS URLs and prevent JavaScript injection attacks. What are the essential security settings I should enable?
Biometric Authentication Implementation
I need to add fingerprint authentication to my Android app with a secure fallback to PIN. Guide me through implementing biometric authentication using the Android Keystore system with proper error handling and security considerations.
Secure API Communication
My React Native app communicates with a REST API handling sensitive user data. Help me implement certificate pinning, secure token storage, and protection against man-in-the-middle attacks. Include code examples for both iOS and Android.
Comprehensive Mobile Security Audit
Review my mobile application architecture for security vulnerabilities. The app uses React Native with native modules, stores user credentials locally, and communicates with multiple backend services. Provide a threat model, identify potential attack vectors, and recommend specific security controls for each layer including data storage, network communication, authentication, and code protection.

Best practices

  • Enforce HTTPS-only communication with certificate pinning to prevent man-in-the-middle attacks
  • Store credentials in platform-specific secure storage (Keychain, Keystore) with biometric protection
  • Validate and sanitize all external inputs including deep links, push notifications, and sensor data

Avoid

  • Storing sensitive data in UserDefaults, SharedPreferences, or unencrypted files
  • Disabling SSL certificate validation or accepting all certificates in production
  • Logging sensitive information like tokens, credentials, or personal data to console

Frequently asked questions

What is the difference between this skill and security-auditor?
This skill focuses on hands-on mobile security coding and implementation of secure patterns. Security-auditor performs high-level security assessments, compliance reviews, and threat modeling. Use this for writing secure mobile code, security-auditor for evaluating existing security posture.
Does this skill support both iOS and Android development?
Yes, this skill covers platform-specific security for both iOS and Android, as well as cross-platform frameworks including React Native, Flutter, Xamarin, and Cordova. It provides implementation guidance tailored to each platform's security model.
Can this skill help with OWASP MASVS compliance?
Yes, the skill aligns recommendations with OWASP Mobile Application Security Verification Standard (MASVS) guidelines. It can help implement controls for data storage, cryptography, authentication, network communication, and code protection requirements.
Does this skill provide actual security testing or code execution?
No, this skill provides implementation guidance and security recommendations only. It does not execute code, perform penetration testing, or conduct automated security scans. All recommendations require developer implementation and validation.
What mobile authentication methods does this skill support?
This skill covers biometric authentication (Touch ID, Face ID, fingerprint), multi-factor authentication with TOTP, OAuth with PKCE for mobile flows, JWT token handling, and session management including background/foreground transitions and secure token refresh.
How does this skill handle WebView security concerns?
This skill provides comprehensive WebView security guidance including URL allowlisting, JavaScript controls, Content Security Policy implementation, secure cookie handling, file access restrictions, and regular cache cleanup to prevent injection attacks and data leakage.

Developer details

File structure

📄 SKILL.md