Skills
skills/cometchat/cometchat-skills/cometchat-android-v5/Gen Agent Trust Hub

cometchat-android-v5

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious behavior, obfuscation, or unauthorized data access was detected. The skill's operations are consistent with its stated purpose of assisting with Android app development.
  • [PROMPT_INJECTION]: The skill processes untrusted local data (project configuration and source files), which presents an indirect prompt injection surface. This is a typical requirement for development-focused skills.
  • Ingestion points: Reads build.gradle, gradle-wrapper.properties, and source code files from the local environment.
  • Boundary markers: The instructions do not specify delimiters or instructions to ignore content within the analyzed files.
  • Capability inventory: Uses executeBash, readFile, and fileSearch (referenced in SKILL.md) to inspect project structure.
  • Sanitization: The skill does not mention sanitizing or validating the content of the project files it reads.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 07:09 AM