offensive-mobile

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This is a dual-use offensive pentesting playbook that explicitly documents step‑by‑step techniques for credential dumping (Keychain/SharedPrefs/databases), data exfiltration, remote command execution (WebView→Runtime.exec, Frida/Objection hooks), app tampering/repackaging, and bypassing device/app protections — behaviors that directly enable malicious backdoor, RCE, and theft scenarios.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and test arbitrary public app endpoints (e.g., "strings app.apk ... grep ... firebaseio.com" and "curl https://target-app.firebaseio.com/.json") and to check external web resources like an app's apple-app-site-association, meaning the agent will ingest untrusted, user-controlled web content that can materially influence subsequent testing actions.