android-expert

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill contains a mandatory 'Memory Protocol' that instructs the agent to execute shell commands (cat) to retrieve historical learning data from the .claude/context/memory/ directory.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its data processing capabilities and tool access.
  • Ingestion points: The agent is instructed to process untrusted project files and source code using Read, Glob, and Grep tools.
  • Boundary markers: There are no defined delimiters or instructions to treat ingested file content as non-executable data, increasing the risk of the agent obeying instructions embedded in code comments or strings.
  • Capability inventory: The skill permits the use of powerful tools including Bash, Write, and Edit, which could be leveraged if an injection is successful.
  • Sanitization: The skill does not implement any validation or sanitization of content read from the filesystem before it is added to the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: May 16, 2026, 07:02 PM
Security Audit — agent-trust-hub — android-expert