The Agent Skills Directory

[COMMAND_EXECUTION]: Uses ADB (Android Debug Bridge) to interact with connected devices, allowing for package installation, file extraction, and the execution of shell commands, including those requiring root privileges for system-level modifications (e.g., certificate installation).\n- [REMOTE_CODE_EXECUTION]: Enables the injection of custom Javascript instrumentation scripts into Android application processes using Frida to observe and modify runtime behavior, such as cryptographic function calls.\n- [PROMPT_INJECTION]: Presents an indirect prompt injection surface because the agent is instructed to read and analyze message output from Frida hooks (get_messages), which could be influenced by a malicious app being analyzed.\n
Ingestion points: Frida message stream processed via get_messages in SKILL.md.\n
Boundary markers: Lacks explicit delimiters or instructions to ignore commands embedded within the application's output.\n
Capability inventory: Includes ADB shell access, file writing, and network proxy management via frida-mcp and adb-mcp.\n
Sanitization: No validation or sanitization of the data retrieved from the instrumentation hooks is described.

android-app-reverse