Skills
skills/rcosteira79/coroutine-skills/android-source-search/Gen Agent Trust Hub

android-source-search

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches Android source code and library content from official Google Gitiles servers and the AndroidX GitHub repository.
  • [COMMAND_EXECUTION]: Utilizes the GitHub CLI (gh api) via Bash to retrieve directory listings from the AndroidX repository.
  • [PROMPT_INJECTION]: The skill processes external source code content which represents an indirect prompt injection surface.
  • Ingestion points: Android source files retrieved from android.googlesource.com and raw.githubusercontent.com (SKILL.md).
  • Boundary markers: Absent.
  • Capability inventory: Reading source via WebFetch, retrieving directory metadata via gh api, and specialized MCP lookup tools.
  • Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 05:40 PM
Security Audit — agent-trust-hub — android-source-search