firebase-apk-scanner
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to run various commands including
apktool,grep,find,cat, and a local scriptscanner.sh. These are used to decompile APKs and search for configuration strings, which is standard behavior for a security analysis tool. - [EXTERNAL_DOWNLOADS]: The skill uses
curlto interact with official Google and Firebase API endpoints (e.g.,identitytoolkit.googleapis.com,firebaseio.com,firebasestorage.googleapis.com). These network operations are intended to verify the security of extracted project IDs and API keys against well-known services. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by ingesting and processing data from external APK files.
- Ingestion points: Smali code, XML resources, and assets extracted from user-provided APKs are read into the agent context.
- Boundary markers: None; the skill does not use specific delimiters or instructions to ignore embedded commands in the extracted data.
- Capability inventory: The agent has access to
Bash,curl, and filesystem read tools. - Sanitization: No evidence of sanitization or filtering of the extracted strings before they are presented to the agent for analysis.
Audit Metadata