android-emulator-automation
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill interacts with Android devices by executing
adb(Android Debug Bridge) commands. The implementation inscripts/common.pyusessubprocess.runwith list-based arguments, which is a secure pattern that prevents shell injection on the host system. Tools likeapp_launcher.pyandnavigator.pyleverage this to manage packages and perform UI interactions. - [SAFE]: The skill includes an example workflow in
scripts/run_examples.shthat utilizes the Gradle wrapper (gradlew) to build a sample application. This is standard practice for Android development and is confined to the localexamples/directory. - [SAFE]: The skill processes UI hierarchy data through
scripts/screen_mapper.py. While the UI content of third-party apps constitutes an external data source that an agent would process, the skill is designed as an automation tool where such inspection is the primary and intended purpose. No suspicious data exfiltration or credential harvesting patterns were detected.
Audit Metadata