Stats
Actions
Tags
From role-mobile
Provides expert guidance on mobile app security: certificate pinning, Keychain/KeyStore storage, ProGuard/R8 obfuscation, root/jailbreak detection, biometrics, secure IPC, App Transport Security. Use for hardening iOS/Android apps.
How this skill is triggered — by the user, by Claude, or both
Slash command
/role-mobile:mobile-securityThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
- Implementing certificate pinning to prevent MITM attacks
references/network-storage-security.md — certificate pinning rationale, iOS URLSession/NSPinnedDomains/TrustKit implementation, Android network_security_config.xml and OkHttp CertificatePinner, cross-platform pinning libraries, iOS Keychain Services access controls, Android KeyStore hardware-backed keys and EncryptedSharedPreferences, cross-platform secure storage libraries, App Transport Security configurationreferences/obfuscation-runtime-auth.md — Android R8/ProGuard configuration and resource shrinking, iOS symbol stripping, React Native/Flutter obfuscation caveats, root/jailbreak detection strategies and evasion limits, iOS LAContext biometrics, Android BiometricPrompt with CryptoObject, secure IPC patterns (explicit intents, Universal Links, ContentProvider permissions)npx claudepluginhub rnavarych/alpha-engineer --plugin role-mobileImplements secure mobile coding practices for input validation, WebView security, secure data storage like Keychain/Keystore, and mobile authentication patterns.
Provides Android security patterns for secure storage with EncryptedSharedPreferences and Keystore, network security configs, certificate pinning, input validation, and authentication.
Audits iOS and Android apps against OWASP MASVS/MASTG — covers insecure storage, weak crypto, certificate pinning, deeplinks, IPC, jailbreak/root detection, and reverse-engineering resistance.