reverse-engineering-android-malware-with-jadx

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes multiple shell commands including aapt2, apktool, jadx, grep, unzip, and readelf to perform analysis on Android APK files.
  • [EXTERNAL_DOWNLOADS]: References official releases of JADX on GitHub and standard Python libraries like androguard as prerequisites for the analysis workflow.
  • [DYNAMIC_EXECUTION]: Employs Python scripts generated and executed locally via heredocs to automate metadata extraction and pattern matching within decompiled malware sources.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process untrusted binary data (Android APKs). This creates an attack surface for indirect prompt injection if the agent interprets content extracted from the malware as instructions.
  • Ingestion points: Processes malware.apk and its decompiled contents in jadx_output/sources.
  • Boundary markers: No specific boundary markers or instructions to ignore embedded content are provided for the agent.
  • Capability inventory: Includes shell execution, Python script execution, and file system operations.
  • Sanitization: Minimal sanitization of extracted strings (uses errors='ignore' and basic printable character checks).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 04:08 PM
Security Audit — agent-trust-hub — reverse-engineering-android-malware-with-jadx