android-ui-journey-testing

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses adb shell input commands to interact with Android devices. This includes tapping, swiping, and entering text. This behavior is the intended primary purpose of the skill for UI automation.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) as it processes untrusted data from an external XML 'journey' file to drive agent actions.
      • Ingestion points: The agent parses an external XML file as the 'source of truth' for test steps.
      • Boundary markers: The skill uses structured XML tags (<journey>, <actions>, <action>) to delimit instructions.
      • Capability inventory: The agent can execute shell commands via ADB (adb shell input tap, adb shell input swipe, adb shell input text) based on the content of the XML.
      • Sanitization: The skill specifically instructs users to redact sensitive data like passwords from the output logs and reports, though it does not explicitly describe sanitization for the input XML actions themselves.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Jun 24, 2026, 05:18 PM