android-native-dev
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of instructional documentation and code templates for Android development. No executable scripts, obfuscated content, or hidden commands are present.
- [COMMAND_EXECUTION]: The documentation includes standard Gradle (
./gradlew) and Android Debug Bridge (adb) commands necessary for building and deploying Android applications. These are standard developer tools and pose no security risk in this context. - [EXTERNAL_DOWNLOADS]: The skill references official Android developer documentation, Material Design guidelines, and well-known libraries from standard registries (Google and Maven Central). All external resources originate from trusted organizations and well-known services.
- [PROMPT_INJECTION]: The skill instructions involve analyzing user-provided project directories, which constitutes an indirect prompt injection surface.
- Ingestion points: Project directory structure and configuration files as assessed in the 'Project Scenario Assessment' section (SKILL.md).
- Boundary markers: The skill does not define specific delimiters or 'ignore' instructions for isolating user-provided project content from agent logic.
- Capability inventory: Shell execution capabilities for Gradle and ADB are documented for project build and deployment tasks (SKILL.md).
- Sanitization: No specific sanitization or validation of project content is mentioned before command execution.
Audit Metadata