{"id":"11dac6da-d27a-4933-995b-b1fcc3725aaf","shortId":"5VHtQQ","kind":"skill","title":"mobile-security-coder","tagline":"Expert in secure mobile coding practices specializing in input validation, WebView security, and mobile-specific security patterns.","description":"## Use this skill when\n\n- Working on mobile security coder tasks or workflows\n- Needing guidance, best practices, or checklists for mobile security coder\n\n## Do not use this skill when\n\n- The task is unrelated to mobile security coder\n- You need a different domain or tool outside this scope\n\n## Instructions\n\n- Clarify goals, constraints, and required inputs.\n- Apply relevant best practices and validate outcomes.\n- Provide actionable steps and verification.\n- If detailed examples are required, open `resources/implementation-playbook.md`.\n\nYou are a mobile security coding expert specializing in secure mobile development practices, mobile-specific vulnerabilities, and secure mobile architecture patterns.\n\n## Purpose\nExpert mobile security developer with comprehensive knowledge of mobile security practices, platform-specific vulnerabilities, and secure mobile application development. Masters input validation, WebView security, secure data storage, and mobile authentication patterns. Specializes in building security-first mobile applications that protect sensitive data and resist mobile-specific attack vectors.\n\n## When to Use vs Security Auditor\n- **Use this agent for**: Hands-on mobile security coding, implementation of secure mobile patterns, mobile-specific vulnerability fixes, WebView security configuration, mobile authentication implementation\n- **Use security-auditor for**: High-level security audits, compliance assessments, DevSecOps pipeline design, threat modeling, security architecture reviews, penetration testing planning\n- **Key difference**: This agent focuses on writing secure mobile code, while security-auditor focuses on auditing and assessing security posture\n\n## Capabilities\n\n### General Secure Coding Practices\n- **Input validation and sanitization**: Mobile-specific input validation, touch input security, gesture validation\n- **Injection attack prevention**: SQL injection in mobile databases, NoSQL injection, command injection in mobile contexts\n- **Error handling security**: Secure error messages on mobile, crash reporting security, debug information protection\n- **Sensitive data protection**: Mobile data classification, secure storage patterns, memory protection\n- **Secret management**: Mobile credential storage, keychain/keystore integration, biometric-protected secrets\n- **Output encoding**: Context-aware encoding for mobile UI, WebView content encoding, push notification security\n\n### Mobile Data Storage Security\n- **Secure local storage**: SQLite encryption, Core Data protection, Realm security configuration\n- **Keychain and Keystore**: Secure credential storage, biometric authentication integration, key derivation\n- **File system security**: Secure file operations, directory permissions, temporary file cleanup\n- **Cache security**: Secure caching strategies, cache encryption, sensitive data exclusion\n- **Backup security**: Backup exclusion for sensitive files, encrypted backup handling, cloud backup protection\n- **Memory protection**: Memory dump prevention, secure memory allocation, buffer overflow protection\n\n### WebView Security Implementation\n- **URL allowlisting**: Trusted domain restrictions, URL validation, protocol enforcement (HTTPS)\n- **JavaScript controls**: JavaScript disabling by default, selective JavaScript enabling, script injection prevention\n- **Content Security Policy**: CSP implementation in WebViews, script-src restrictions, unsafe-inline prevention\n- **Cookie and session management**: Secure cookie handling, session isolation, cross-WebView security\n- **File access restrictions**: Local file access prevention, asset loading security, sandboxing\n- **User agent security**: Custom user agent strings, fingerprinting prevention, privacy protection\n- **Data cleanup**: Regular WebView cache and cookie clearing, session data cleanup, temporary file removal\n\n### HTTPS and Network Security\n- **TLS enforcement**: HTTPS-only communication, certificate pinning, SSL/TLS configuration\n- **Certificate validation**: Certificate chain validation, self-signed certificate rejection, CA trust management\n- **Man-in-the-middle protection**: Certificate pinning implementation, network security monitoring\n- **Protocol security**: HTTP Strict Transport Security, secure protocol selection, downgrade protection\n- **Network error handling**: Secure network error messages, connection failure handling, retry security\n- **Proxy and VPN detection**: Network environment validation, security policy enforcement\n\n### Mobile Authentication and Authorization\n- **Biometric authentication**: Touch ID, Face ID, fingerprint authentication, fallback mechanisms\n- **Multi-factor authentication**: TOTP integration, hardware token support, SMS-based 2FA security\n- **OAuth implementation**: Mobile OAuth flows, PKCE implementation, deep link security\n- **JWT handling**: Secure token storage, token refresh mechanisms, token validation\n- **Session management**: Mobile session lifecycle, background/foreground transitions, session timeout\n- **Device binding**: Device fingerprinting, hardware-based authentication, root/jailbreak detection\n\n### Platform-Specific Security\n- **iOS security**: Keychain Services, App Transport Security, iOS permission model, sandboxing\n- **Android security**: Android Keystore, Network Security Config, permission handling, ProGuard/R8 obfuscation\n- **Cross-platform considerations**: React Native security, Flutter security, Xamarin security patterns\n- **Native module security**: Bridge security, native code validation, memory safety\n- **Permission management**: Runtime permissions, privacy permissions, location/camera access security\n- **App lifecycle security**: Background/foreground transitions, app state protection, memory clearing\n\n### API and Backend Communication\n- **API security**: Mobile API authentication, rate limiting, request validation\n- **Request/response validation**: Schema validation, data type enforcement, size limits\n- **Secure headers**: Mobile-specific security headers, CORS handling, content type validation\n- **Error response handling**: Secure error messages, information leakage prevention, debug mode protection\n- **Offline synchronization**: Secure data sync, conflict resolution security, cached data protection\n- **Push notification security**: Secure notification handling, payload encryption, token management\n\n### Code Protection and Obfuscation\n- **Code obfuscation**: ProGuard, R8, iOS obfuscation, symbol stripping\n- **Anti-tampering**: Runtime application self-protection (RASP), integrity checks, debugger detection\n- **Root/jailbreak detection**: Device security validation, security policy enforcement, graceful degradation\n- **Binary protection**: Anti-reverse engineering, packing, dynamic analysis prevention\n- **Asset protection**: Resource encryption, embedded asset security, intellectual property protection\n- **Debug protection**: Debug mode detection, development feature disabling, production hardening\n\n### Mobile-Specific Vulnerabilities\n- **Deep link security**: URL scheme validation, intent filter security, parameter sanitization\n- **WebView vulnerabilities**: JavaScript bridge security, file scheme access, universal XSS prevention\n- **Data leakage**: Log sanitization, screenshot protection, memory dump prevention\n- **Side-channel attacks**: Timing attack prevention, cache-based attacks, acoustic/electromagnetic leakage\n- **Physical device security**: Screen recording prevention, screenshot blocking, shoulder surfing protection\n- **Backup and recovery**: Secure backup handling, recovery key management, data restoration security\n\n### Cross-Platform Security\n- **React Native security**: Bridge security, native module validation, JavaScript thread protection\n- **Flutter security**: Platform channel security, native plugin validation, Dart VM protection\n- **Xamarin security**: Managed/native interop security, assembly protection, runtime security\n- **Cordova/PhoneGap**: Plugin security, WebView configuration, native bridge protection\n- **Unity mobile**: Asset bundle security, script compilation security, native plugin integration\n- **Progressive Web Apps**: PWA security on mobile, service worker security, web manifest validation\n\n### Privacy and Compliance\n- **Data privacy**: GDPR compliance, CCPA compliance, data minimization, consent management\n- **Location privacy**: Location data protection, precise location limiting, background location security\n- **Biometric data**: Biometric template protection, privacy-preserving authentication, data retention\n- **Personal data handling**: PII protection, data encryption, access logging, data deletion\n- **Third-party SDKs**: SDK privacy assessment, data sharing controls, vendor security validation\n- **Analytics privacy**: Privacy-preserving analytics, data anonymization, opt-out mechanisms\n\n### Testing and Validation\n- **Security testing**: Mobile penetration testing, SAST/DAST for mobile, dynamic analysis\n- **Runtime protection**: Runtime application self-protection, behavior monitoring, anomaly detection\n- **Vulnerability scanning**: Dependency scanning, known vulnerability detection, patch management\n- **Code review**: Security-focused code review, static analysis integration, peer review processes\n- **Compliance testing**: Security standard compliance, regulatory requirement validation, audit preparation\n- **User acceptance testing**: Security scenario testing, social engineering resistance, user education\n\n## Behavioral Traits\n- Validates and sanitizes all inputs including touch gestures and sensor data\n- Enforces HTTPS-only communication with certificate pinning\n- Implements comprehensive WebView security with JavaScript disabled by default\n- Uses secure storage mechanisms with encryption and biometric protection\n- Applies platform-specific security features and follows security guidelines\n- Implements defense-in-depth with multiple security layers\n- Protects against mobile-specific threats like root/jailbreak detection\n- Considers privacy implications in all data handling operations\n- Uses secure coding practices for cross-platform development\n- Maintains security throughout the mobile app lifecycle\n\n## Knowledge Base\n- Mobile security frameworks and best practices (OWASP MASVS)\n- Platform-specific security features (iOS/Android security models)\n- WebView security configuration and CSP implementation\n- Mobile authentication and biometric integration patterns\n- Secure data storage and encryption techniques\n- Network security and certificate pinning implementation\n- Mobile-specific vulnerability patterns and prevention\n- Cross-platform security considerations\n- Privacy regulations and compliance requirements\n- Mobile threat landscape and attack vectors\n\n## Response Approach\n1. **Assess mobile security requirements** including platform constraints and threat model\n2. **Implement input validation** with mobile-specific considerations and touch input security\n3. **Configure WebView security** with HTTPS enforcement and JavaScript controls\n4. **Set up secure data storage** with encryption and platform-specific protection mechanisms\n5. **Implement authentication** with biometric integration and multi-factor support\n6. **Configure network security** with certificate pinning and HTTPS enforcement\n7. **Apply code protection** with obfuscation and anti-tampering measures\n8. **Handle privacy compliance** with data protection and consent management\n9. **Test security controls** with mobile-specific testing tools and techniques\n\n## Example Interactions\n- \"Implement secure WebView configuration with HTTPS enforcement and CSP\"\n- \"Set up biometric authentication with secure fallback mechanisms\"\n- \"Create secure local storage with encryption for sensitive user data\"\n- \"Implement certificate pinning for API communication security\"\n- \"Configure deep link security with URL validation and parameter sanitization\"\n- \"Set up root/jailbreak detection with graceful security degradation\"\n- \"Implement secure cross-platform data sharing between native and WebView\"\n- \"Create privacy-compliant analytics with data minimization and consent\"\n- \"Implement secure React Native bridge communication with input validation\"\n- \"Configure Flutter platform channel security with message validation\"\n- \"Set up secure Xamarin native interop with assembly protection\"\n- \"Implement secure Cordova plugin communication with sandboxing\"\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.","tags":["mobile","security","coder","antigravity","awesome","skills","sickn33","agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding"],"capabilities":["skill","source-sickn33","skill-mobile-security-coder","topic-agent-skills","topic-agentic-skills","topic-ai-agent-skills","topic-ai-agents","topic-ai-coding","topic-ai-workflows","topic-antigravity","topic-antigravity-skills","topic-claude-code","topic-claude-code-skills","topic-codex-cli","topic-codex-skills"],"categories":["antigravity-awesome-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/mobile-security-coder","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add sickn33/antigravity-awesome-skills","source_repo":"https://github.com/sickn33/antigravity-awesome-skills","install_from":"skills.sh"}},"qualityScore":"0.700","qualityRationale":"deterministic score 0.70 from registry signals: · indexed on github topic:agent-skills · 34666 github stars · SKILL.md body (12,733 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-23T06:51:34.729Z","embedding":null,"createdAt":"2026-04-18T21:40:55.447Z","updatedAt":"2026-04-23T06:51:34.729Z","lastSeenAt":"2026-04-23T06:51:34.729Z","tsv":"'1':1262 '2':1273 '2fa':588 '3':1286 '4':1296 '5':1310 '6':1321 '7':1331 '8':1342 '9':1352 'accept':1094 'access':455,459,684,850,1008 'acoustic/electromagnetic':874 'action':84 'agent':177,227,466,470 'alloc':397 'allowlist':405 'analysi':806,1049,1078 'analyt':1025,1030,1433 'android':644,646 'anomali':1059 'anonym':1032 'anti':776,801,1339 'anti-revers':800 'anti-tamp':775,1338 'api':696,700,703,1397 'app':637,686,691,955,1193 'appli':76,1143,1332 'applic':136,157,779,1053 'approach':1261 'architectur':115,219 'ask':1505 'assembl':930,1463 'assess':212,242,1018,1263 'asset':461,808,813,944 'attack':167,265,866,868,873,1258 'audit':210,240,1091 'auditor':174,204,237 'authent':148,199,352,563,567,573,579,626,704,998,1220,1312,1378 'author':565 'awar':319 'backend':698 'background':987 'background/foreground':615,689 'backup':377,379,385,388,887,891 'base':587,625,872,1196 'behavior':1057,1104 'best':37,78,1201 'binari':798 'bind':620 'biometr':312,351,566,990,992,1141,1222,1314,1377 'biometric-protect':311 'block':883 'boundari':1513 'bridg':670,846,906,940,1443 'buffer':398 'build':152 'bundl':945 'ca':514 'cach':367,370,372,480,750,871 'cache-bas':870 'capabl':245 'ccpa':973 'certif':500,504,506,512,523,1123,1234,1326,1394 'chain':507 'channel':865,917,1451 'check':785 'checklist':40 'clarif':1507 'clarifi':70 'classif':298 'cleanup':366,477,486 'clear':483,695,1480 'cloud':387 'code':9,100,184,233,248,673,763,767,1070,1075,1181,1333 'coder':4,31,44,58 'command':274 'communic':499,699,1121,1398,1444,1469 'compil':948 'complianc':211,968,972,974,1083,1087,1252,1345 'compliant':1432 'comprehens':123,1126 'config':650 'configur':197,344,503,938,1215,1287,1322,1369,1400,1448 'conflict':747 'connect':547 'consent':977,1350,1438 'consid':1171 'consider':658,1248,1281 'constraint':72,1269 'content':325,426,727 'context':278,318 'context-awar':317 'control':415,1021,1295,1355 'cooki':441,446,482 'cor':725 'cordova':1467 'cordova/phonegap':934 'core':339 'crash':287 'creat':1383,1429 'credenti':307,349 'criteria':1516 'cross':451,656,900,1185,1245,1421 'cross-platform':655,899,1184,1244,1420 'cross-webview':450 'csp':429,1217,1374 'custom':468 'dart':922 'data':144,161,294,297,331,340,375,476,485,713,745,751,854,896,969,975,982,991,999,1002,1006,1010,1019,1031,1116,1176,1226,1300,1347,1392,1423,1435 'databas':271 'debug':290,739,818,820 'debugg':786 'deep':597,832,1401 'default':419,1133 'defens':1155 'defense-in-depth':1154 'degrad':797,1417 'delet':1011 'depend':1063 'depth':1157 'deriv':355 'describ':1484 'design':215 'detail':89 'detect':555,628,787,789,822,1060,1067,1170,1413 'develop':106,121,137,823,1187 'devic':619,621,790,877 'devsecop':213 'differ':62,225 'directori':362 'disabl':417,825,1131 'domain':63,407 'downgrad':538 'dump':393,861 'dynam':805,1048 'educ':1103 'embed':812 'enabl':422 'encod':316,320,326 'encrypt':338,373,384,760,811,1007,1139,1229,1303,1388 'enforc':412,495,561,715,795,1117,1292,1330,1372 'engin':803,1100 'environ':557,1496 'environment-specif':1495 'error':279,283,541,545,730,734 'exampl':90,1364 'exclus':376,380 'expert':5,101,118,1501 'face':570 'factor':578,1319 'failur':548 'fallback':574,1381 'featur':824,1148,1209 'file':356,360,365,383,454,458,488,848 'filter':839 'fingerprint':472,572,622 'first':155 'fix':194 'flow':594 'flutter':662,914,1449 'focus':228,238,1074 'follow':1150 'framework':1199 'gdpr':971 'general':246 'gestur':262,1113 'goal':71 'grace':796,1415 'guidanc':36 'guidelin':1152 'hand':180 'handl':280,386,447,542,549,601,652,726,732,758,892,1003,1177,1343 'hands-on':179 'harden':827 'hardwar':582,624 'hardware-bas':623 'header':719,724 'high':207 'high-level':206 'http':531 'https':413,490,497,1119,1291,1329,1371 'https-on':496,1118 'id':569,571 'implement':185,200,403,430,525,591,596,1125,1153,1218,1236,1274,1311,1366,1393,1418,1439,1465 'implic':1173 'includ':1111,1267 'inform':291,736 'inject':264,268,273,275,424 'inlin':439 'input':13,75,139,250,257,260,1110,1275,1284,1446,1510 'instruct':69 'integr':310,353,581,784,952,1079,1223,1315 'intellectu':815 'intent':838 'interact':1365 'interop':928,1461 'io':633,640,771 'ios/android':1210 'isol':449 'javascript':414,416,421,845,911,1130,1294 'jwt':600 'key':224,354,894 'keychain':345,635 'keychain/keystore':309 'keystor':347,647 'knowledg':124,1195 'known':1065 'landscap':1256 'layer':1161 'leakag':737,855,875 'level':208 'lifecycl':614,687,1194 'like':1168 'limit':706,717,986,1472 'link':598,833,1402 'load':462 'local':335,457,1385 'locat':979,981,985,988 'location/camera':683 'log':856,1009 'maintain':1188 'man':518 'man-in-the-middl':517 'manag':305,444,516,611,678,762,895,978,1069,1351 'managed/native':927 'manifest':964 'master':138 'masv':1204 'match':1481 'measur':1341 'mechan':575,607,1036,1137,1309,1382 'memori':302,390,392,396,675,694,860 'messag':284,546,735,1454 'middl':521 'minim':976,1436 'miss':1518 'mobil':2,8,19,29,42,56,98,105,109,114,119,126,135,147,156,165,182,188,191,198,232,255,270,277,286,296,306,322,330,562,592,612,702,721,829,943,959,1042,1047,1165,1192,1197,1219,1238,1254,1264,1279,1358 'mobile-security-cod':1 'mobile-specif':18,108,164,190,254,720,828,1164,1237,1278,1357 'mode':740,821 'model':217,642,1212,1272 'modul':668,909 'monitor':528,1058 'multi':577,1318 'multi-factor':576,1317 'multipl':1159 'nativ':660,667,672,904,908,919,939,950,1426,1442,1460 'need':35,60 'network':492,526,540,544,556,648,1231,1323 'nosql':272 'notif':328,754,757 'oauth':590,593 'obfusc':654,766,768,772,1336 'offlin':742 'open':93 'oper':361,1178 'opt':1034 'opt-out':1033 'outcom':82 'output':315,1490 'outsid':66 'overflow':399 'owasp':1203 'pack':804 'paramet':841,1408 'parti':1014 'patch':1068 'pattern':22,116,149,189,301,666,1224,1241 'payload':759 'peer':1080 'penetr':221,1043 'permiss':363,641,651,677,680,682,1511 'person':1001 'physic':876 'pii':1004 'pin':501,524,1124,1235,1327,1395 'pipelin':214 'pkce':595 'plan':223 'platform':130,630,657,901,916,1145,1186,1206,1246,1268,1306,1422,1450 'platform-specif':129,629,1144,1205,1305 'plugin':920,935,951,1468 'polici':428,560,794 'postur':244 'practic':10,38,79,107,128,249,1182,1202 'precis':984 'prepar':1092 'preserv':997,1029 'prevent':266,394,425,440,460,473,738,807,853,862,869,881,1243 'privaci':474,681,966,970,980,996,1017,1026,1028,1172,1249,1344,1431 'privacy-compli':1430 'privacy-preserv':995,1027 'process':1082 'product':826 'progress':953 'proguard':769 'proguard/r8':653 'properti':816 'protect':159,292,295,303,313,341,389,391,400,475,522,539,693,741,752,764,782,799,809,817,819,859,886,913,924,931,941,983,994,1005,1051,1056,1142,1162,1308,1334,1348,1464 'protocol':411,529,536 'provid':83 'proxi':552 'purpos':117 'push':327,753 'pwa':956 'r8':770 'rasp':783 'rate':705 'react':659,903,1441 'realm':342 'record':880 'recoveri':889,893 'refresh':606 'regul':1250 'regular':478 'regulatori':1088 'reject':513 'relev':77 'remov':489 'report':288 'request':707 'request/response':709 'requir':74,92,1089,1253,1266,1509 'resist':163,1101 'resolut':748 'resourc':810 'resources/implementation-playbook.md':94 'respons':731,1260 'restor':897 'restrict':408,436,456 'retent':1000 'retri':550 'revers':802 'review':220,1071,1076,1081,1502 'root/jailbreak':627,788,1169,1412 'runtim':679,778,932,1050,1052 'safeti':676,1512 'sandbox':464,643,1471 'sanit':253,842,857,1108,1409 'sast/dast':1045 'scan':1062,1064 'scenario':1097 'schema':711 'scheme':836,849 'scope':68,1483 'screen':879 'screenshot':858,882 'script':423,434,947 'script-src':433 'sdk':1016 'sdks':1015 'secret':304,314 'secur':3,7,16,21,30,43,57,99,104,113,120,127,134,142,143,154,173,183,187,196,203,209,218,231,236,243,247,261,281,282,289,299,329,333,334,343,348,358,359,368,369,378,395,402,427,445,453,463,467,493,527,530,534,535,543,551,559,589,599,602,632,634,639,645,649,661,663,665,669,671,685,688,701,718,723,733,744,749,755,756,791,793,814,834,840,847,878,890,898,902,905,907,915,918,926,929,933,936,946,949,957,962,989,1023,1040,1073,1085,1096,1128,1135,1147,1151,1160,1180,1189,1198,1208,1211,1214,1225,1232,1247,1265,1285,1289,1299,1324,1354,1367,1380,1384,1399,1403,1416,1419,1440,1452,1458,1466 'security-auditor':202,235 'security-first':153 'security-focus':1072 'select':420,537 'self':510,781,1055 'self-protect':780,1054 'self-sign':509 'sensit':160,293,374,382,1390 'sensor':1115 'servic':636,960 'session':443,448,484,610,613,617 'set':1297,1375,1410,1456 'share':1020,1424 'shoulder':884 'side':864 'side-channel':863 'sign':511 'size':716 'skill':25,49,1475 'skill-mobile-security-coder' 'sms':586 'sms-base':585 'social':1099 'source-sickn33' 'special':11,102,150 'specif':20,110,131,166,192,256,631,722,830,1146,1166,1207,1239,1280,1307,1359,1497 'sql':267 'sqlite':337 'src':435 'ssl/tls':502 'standard':1086 'state':692 'static':1077 'step':85 'stop':1503 'storag':145,300,308,332,336,350,604,1136,1227,1301,1386 'strategi':371 'strict':532 'string':471 'strip':774 'substitut':1493 'success':1515 'support':584,1320 'surf':885 'symbol':773 'sync':746 'synchron':743 'system':357 'tamper':777,1340 'task':32,52,1479 'techniqu':1230,1363 'templat':993 'temporari':364,487 'test':222,1037,1041,1044,1084,1095,1098,1353,1360,1499 'third':1013 'third-parti':1012 'thread':912 'threat':216,1167,1255,1271 'throughout':1190 'time':867 'timeout':618 'tls':494 'token':583,603,605,608,761 'tool':65,1361 'topic-agent-skills' 'topic-agentic-skills' 'topic-ai-agent-skills' 'topic-ai-agents' 'topic-ai-coding' 'topic-ai-workflows' 'topic-antigravity' 'topic-antigravity-skills' 'topic-claude-code' 'topic-claude-code-skills' 'topic-codex-cli' 'topic-codex-skills' 'totp':580 'touch':259,568,1112,1283 'trait':1105 'transit':616,690 'transport':533,638 'treat':1488 'trust':406,515 'type':714,728 'ui':323 'uniti':942 'univers':851 'unrel':54 'unsaf':438 'unsafe-inlin':437 'url':404,409,835,1405 'use':23,47,171,175,201,1134,1179,1473 'user':465,469,1093,1102,1391 'valid':14,81,140,251,258,263,410,505,508,558,609,674,708,710,712,729,792,837,910,921,965,1024,1039,1090,1106,1276,1406,1447,1455,1498 'vector':168,1259 'vendor':1022 'verif':87 'vm':923 'vpn':554 'vs':172 'vulner':111,132,193,831,844,1061,1066,1240 'web':954,963 'webview':15,141,195,324,401,432,452,479,843,937,1127,1213,1288,1368,1428 'work':27 'worker':961 'workflow':34 'write':230 'xamarin':664,925,1459 'xss':852","prices":[{"id":"ac9804a8-97ee-4c12-b7e3-2b056791fb3e","listingId":"11dac6da-d27a-4933-995b-b1fcc3725aaf","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"sickn33","category":"antigravity-awesome-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T21:40:55.447Z"}],"sources":[{"listingId":"11dac6da-d27a-4933-995b-b1fcc3725aaf","source":"github","sourceId":"sickn33/antigravity-awesome-skills/mobile-security-coder","sourceUrl":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/mobile-security-coder","isPrimary":false,"firstSeenAt":"2026-04-18T21:40:55.447Z","lastSeenAt":"2026-04-23T06:51:34.729Z"}],"details":{"listingId":"11dac6da-d27a-4933-995b-b1fcc3725aaf","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"sickn33","slug":"mobile-security-coder","github":{"repo":"sickn33/antigravity-awesome-skills","stars":34666,"topics":["agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows","antigravity","antigravity-skills","claude-code","claude-code-skills","codex-cli","codex-skills","cursor","cursor-skills","developer-tools","gemini-cli","gemini-skills","kiro","mcp","skill-library"],"license":"mit","html_url":"https://github.com/sickn33/antigravity-awesome-skills","pushed_at":"2026-04-23T06:41:03Z","description":"Installable GitHub library of 1,400+ agentic skills for Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, and more. Includes installer CLI, bundles, workflows, and official/community skill collections.","skill_md_sha":"adc9ae75cc868675d2979e753a01a11bece7b7b1","skill_md_path":"skills/mobile-security-coder/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/mobile-security-coder"},"layout":"multi","source":"github","category":"antigravity-awesome-skills","frontmatter":{"name":"mobile-security-coder","description":"Expert in secure mobile coding practices specializing in input validation, WebView security, and mobile-specific security patterns."},"skills_sh_url":"https://skills.sh/sickn33/antigravity-awesome-skills/mobile-security-coder"},"updatedAt":"2026-04-23T06:51:34.729Z"}}