android-emulator

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE | COMMAND_EXECUTION | DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The core functionality of the skill is provided by scripts/emu.sh, which executes various system commands to interact with the Android development environment. This includes adb for device communication, emulator for managing the AVD lifecycle, flutter (or fvm) for building and running the app, and nc for sending commands to the local QEMU console.
  • [DATA_EXFILTRATION]: The skill accesses ~/.emulator_console_auth_token to retrieve the authentication token required for the local emulator console. This is a standard procedure for local emulator automation. The token is used strictly for communication with localhost to enable advanced input features like multi-touch pinching, which are not available through standard adb commands.
  • [INDIRECT_PROMPT_INJECTION]: The ui-list, ui-find, and tap-label commands ingest the Android accessibility tree (via uiautomator dump). This represents an attack surface where an application's UI labels could contain instructions for the agent. However, the skill treats these labels as data for matching purposes and does not directly execute them. The risk is considered low given the local development context.
  • [DYNAMIC_EXECUTION]: The script scripts/emu.sh utilizes embedded Python code blocks to perform XML parsing and coordinate resolution. These blocks are hardcoded within the script and do not incorporate untrusted external input into the executable logic.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 05:53 AM