iOS Insecure Storage

Use this skill whenever diffs may introduce security issues on mobile, especially in Swift or Objective-C. Actively look for sensitive data stored in UserDefaults or plist files instead of the Keychain with proper accessibility attributes, and report findings with high severity expectations and actionable fixes.
security, high, mobile, Swift, Objective-C
Storing sensitive data in UserDefaults or plist files instead of Keychain with proper accessibility attributes.
// BUGGY CODE — should be detected
// Example demonstrating the vulnerability
Expected finding: High — Storing sensitive data in UserDefaults or plist files instead of Keychain with p... Implement proper security controls.
// BUGGY CODE — should be detected
// Alternative pattern showing same issue
Expected finding: High — Similar vulnerability via different code path. Apply recommended mitigations.
// CORRECT CODE — should NOT be flagged
// Demonstrates proper security controls
Why it's correct: Implements recommended security practices and validation.