Skills
skills/majiayu000/claude-skill-registry/adb-bypass/Gen Agent Trust Hub

adb-bypass

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of local Python scripts using the uv run tool and interacts with Android devices via adb shell commands to verify root status and module activity.
  • [PROMPT_INJECTION]: A surface for indirect prompt injection exists because the skill monitors adb logcat output to verify bypass effectiveness. Malicious applications on the connected device could write crafted strings to the log buffer to influence the agent's assessment of the security state.
  • Ingestion points: Monitoring device logs via adb logcat as described in the troubleshooting section.
  • Boundary markers: None identified; the documentation suggests simple keyword filtering (e.g., grep) without sanitization.
  • Capability inventory: Execution of Python scripts (preflight-validation.py) and potential triggering of downstream app automation (adb-karrot) based on validation results.
  • Sanitization: Not documented; the skill appears to rely on raw log output matching.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 08:32 AM