r8-analyzer
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill's workflow is focused on code analysis for performance and size optimization, with no dangerous capabilities such as network access, privilege escalation, or shell execution.
- [EXTERNAL_DOWNLOADS]: The skill references documentation and ProGuard rules from trusted sources, including developer.android.com and official repositories for Google Gson, Square Retrofit, and Kotlin Coroutines. These references are used solely for informational purposes.
- [INDIRECT_PROMPT_INJECTION]: The skill processes project configuration files as part of its core functionality. While this is a data ingestion surface, the risk is mitigated by the skill's restricted output format and lack of exploitable tools. Evidence Chain: 1. Ingestion points: Reads build scripts and ProGuard rules (SKILL.md). 2. Boundary markers: None. 3. Capability inventory: Generates a markdown report; no network or shell access. 4. Sanitization: None.
Audit Metadata