android-deploy
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill documents the use of standard build and CLI tools such as Gradle (
./gradlew),apksigner,fastlane, andbundletool. These operations are consistent with the skill's primary purpose of mobile application deployment. - [EXTERNAL_DOWNLOADS]: The skill identifies network interactions with well-known and trusted service endpoints, including the Google Play Developer API and Firebase App Distribution, which are used for application uploading and distribution.
- [CREDENTIALS_UNSAFE]: Evaluation of the skill's handling of sensitive data shows no hardcoded secrets. It correctly recommends using environment variables such as
$GOOGLE_PLAY_API_KEY,$FIREBASE_TOKEN, and$KEYSTORE_PASSto manage authentication safely. - [PROMPT_INJECTION]: No evidence of prompt injection, role-play overrides, or instructions to bypass safety guidelines was found in the skill metadata or body.
Audit Metadata