mobile-audit

SUSPICIOUS. The skill is internally coherent for a mobile application security audit and does not show credential theft, covert exfiltration, or suspicious install chains. However, it grants an AI agent offensive security testing guidance and tooling for reverse engineering and SSL-pinning bypass, making it high-risk by capability even with explicit authorization boundaries.