Security

Yeethook handles sensitive credentials on your behalf: your App Store Connect API key and your Slack webhook URLs. This section explains how we protect them.

Your p8 key is encrypted with AES-256-GCM at rest, never exposed in the UI, and only decrypted server-side for the brief moment needed to call Apple's API. Your Slack webhooks are write-only and strictly one-way. You stay in control of both, and you can revoke access at any time.