sparkscan-android
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill correctly handles sensitive placeholders for license keys and focuses on its stated purpose of Android development.
- [EXTERNAL_DOWNLOADS]: The skill fetches the latest SDK version number from Maven Central (Sonatype), which is a well-known service. This is a legitimate operation to provide the user with up-to-date dependency configurations and does not involve executing untrusted remote code.
- [PROMPT_INJECTION]: Instructional constraints on the agent's persona and output formatting (e.g., not telling the user to check docs themselves or only summarizing specific changes) are designed for technical accuracy and user experience. These do not constitute attempts to bypass safety guidelines or conceal malicious behavior.
Audit Metadata