mobile-security

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). The content provides explicit, actionable techniques and code for bypassing protections (root/jailbreak/anti‑cheat), disabling SSL pinning, performing runtime code injection (Frida, Zygisk, native hooks) and direct memory manipulation, which clearly enable credential interception, unauthorized runtime code execution and stealthy backdoor-style abuse.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Data Source section explicitly instructs the agent to fetch raw files from public GitHub URLs (e.g., https://raw.githubusercontent.com/gmh5225/.../README.md and archive/description paths) and to read those repository archive/description files as part of its required workflow, meaning it will ingest untrusted, user-generated third‑party web content that can materially influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs the agent at runtime to fetch and use external content from https://raw.githubusercontent.com/gmh5225/awesome-game-security/refs/heads/main/README.md (and the related raw.githubusercontent.com archive/description URLs), which will be injected into and directly control the agent's responses, making those fetches a required runtime dependency.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill contains explicit, actionable instructions for memory editing (/proc/pid/mem), process hooking (Frida, native hooks), and bypassing security mechanisms (root/jailbreak and certificate-pinning bypasses), which enable modifying runtime state and evading protections on the host or connected devices.