apk-redteam-pipeline

When to use this skill

Trigger when:

• Recon surfaces 1+ mobile apps under the target's developer name (Play Store dev page)
• A web app hosts *.apk files directly (e.g. Recruitz.apk found on a subdomain during one engagement)
• APK package IDs leaked via stealer logs (e.g. com.<brand>.app, com.<brand>.<sub-brand> patterns in stealer dump format)
• Customer-facing app, dealer/partner portal, or employee mobile companion app is in scope
• Bug bounty program lists Android in scope

DO NOT use for:

• iOS-only targets (different pipeline — IPA reverse, MobSF, frida-ios-dump)
• React Native / Flutter web apps already covered by JS bundle analysis
• Server-side only assessments

Stage 0 — Inventory all org-owned apps