performing-mobile-app-certificate-pinning-bypass

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the subprocess module to interface with external command-line utilities for security analysis.
      • In scripts/agent.py, the script executes apktool for static analysis of APK files and adb to verify device proxy and certificate configurations.
      • In scripts/process.py, it executes frida to initiate dynamic instrumentation sessions.
      • Commands are constructed using argument lists, which mitigates standard shell injection vulnerabilities.
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the injection of JavaScript code into target mobile application processes using the Frida framework.
      • The Python scripts include hardcoded JavaScript snippets for bypassing common SSL/TLS pinning implementations like OkHttp, TrustManager, and NSURLSession.
      • These scripts are written to local storage in the /tmp/ directory before being loaded into the target process memory.
  • [EXTERNAL_DOWNLOADS]: The documentation references standard security tools that must be installed from official registries.
      • It provides instructions to install frida-tools and objection via pip. These are well-known tools from trusted sources and are essential for the skill's documented workflow.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 06:26 PM