Yes, we are using automatically managed signing/provisioning. We have not yet tried switching automatic signing off and back on, or forcing a clean manual profile setup. I’m not convinced it explains our case, because the Watch app installs and launches successfully first, then later becomes untrusted on-device. That makes it feel less like a deterministic bad build/profile and more like a TestFlight/AppConduit/watchOS profile state problem after install.

@developer555 pre-AppStore for our watch app, so can't tell you there. In our case it's affecting so many Testflight users that it's rendering TestFlight basically useless.