adb

The manifest accurately documents an ADB assistant skill that enables broad read-only inspection capabilities and—when explicitly confirmed—powerful device-modifying commands. There is no sign of embedded malicious code, obfuscation, or external C2 behavior in the provided file. However, the declared capabilities (adb pull, logcat, bugreport, screencap, and privileged operations with confirmation) create moderate security risk because they allow access to highly sensitive device data and, if confirmation controls are absent or bypassed, could enable device compromise. Recommendations: enforce strict interactive confirmations, restrict allowed adb command patterns and filesystem path scopes to the minimum required, require per-action justification and audit logging, and prevent automated bulk pulls or automatic forwarding of pulled artifacts.