The provisioning profile grants get-task-allow, so a debugger can attach and read process memory. This is a development build, not a release.
get-task-allow=true means any process with the right entitlement on a connected machine can attach to the app: memory dumps, method swizzling, live token extraction.
Development-signed behavior in a distributed build removes the platform's anti-debugging baseline.